hmm wannacry in my system no, still I don't need none AV Windows Firewall make your job perfectly (only need understand and know how to configure it correctly simple
The irony, majority of computers hacked are run by governments, and this is caused by back doors created by another government. Like watching blind people fight. I would be surprised if a single person got fired at the NHS. Also would not be surprised if the "Hero" is the one who released it originally during his week off.
So how can we be insure our PC is safe. Like only old Windows e.g. XP, 8 are affected or every version of Windows? I am running Windows 10. Should I be worried? What's the solution/prevention?
Windows has already provided a patch for XP, 8 and server '03. If you got the March '17 update you should be o.k. unless this wanacry changes or morph's into something different
Fired? The man will probably get a promotion for playing a part in taking down part of the Russian govt
To make a statement on this one needs to know how wannacry spreads itself. There are 2 different ways. One is via email and one is via a vulnerability at the SMB. The former can be avoided by common sense when getting suspicious emails and/or have a recent virus scanner running, the latter by sitting behind a firewall/router which has the used ports unavailable. These are especially 445 and 135. The fact that people are behind a router AND the accidentally discovered kill-switch -a cryptic domain- which has been set live slowed down the spreading... As soon as wannacry could reach that domain it slowed down spreading drastically. The solution is to patch the OS. W10 also. Older OSes are also affected. M$ has extra released a patch for them as well. Make sure you have either the monthly update or the particular security update only installed on your OS: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Additionally you might want to scan the both ports from outside for reachability using an online portscanner. This additionally assures to avoid further attacks via those ports. Make sure to scan your ports from 'outside' Inside the intranet/network they are open. http://www.ipv6scanner.com/ Mine have been filtered all the way by my router's firewall.
When was the last time you used a system that was completely without any Windows updates.? I do not update anything apart from when service packs used to come out, and the difference in speed is just unbelievable. When I'm on a Windows 7/ 8 et with all updates loaded, I find most of them unusable, everything takes so long to open, there are crashes, and MS obviously is stuffing things up deliberately to force a downgrade to their Spyware 10. I hope Microsoft will be sued for not fixing these issues, they have known about them for a long time and left the door open for the US government. It appears that anything goes for that scumbag Nadella, his family did a "great" job raising him, "Just do whatever you have to do to get ahead, lie, cheat, steal, anything, that's my boy" There must be grounds for refunds for the Windows versions still under "support", "Not fit for purpose" would be one reason enough.
Even though I completely agree with you (yes M$ is actually slowing down their OSes by updates near EOL especially to make their 'newer' ones more attractive) I wonder why you still are using windows and do complain. The SMB vulnerability is an really old one. It comes from the NT branch. I strongly assume it is known for years already! The job of secret services is to find vulnerabilities and to use them, that's common sense. Therefore they acquire hackers just like the Equation Group. As soon as it becomes public M$ has to patch it. That means it neither can be of any interest of the NSA to make them public nor an interest of the M$-NSA cooperation. Both took benefit and that's the reason why it lasted long time. But things have changed when the Shadow Brokers have made public some of the tools of the Equation Group on AUGUST last year already. What's a shame is that M$ is presenting themselves like a savior saying the vulnerability has been patched on March 'already'.
There is still 'something' left of the Shadow Brokers. Some political drivel: https://medium.com/@shadowbrokerss/dont-forget-your-base-867d304a94b1 And on github https://github.com/misterch0c/shadowbroker And an analysis of "EquationDrug- espionage platforms by the Equation Group" https://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform/
Life is too short for Linux on a desktop/ laptop Plus XP & Se7en runs OK as long as one skips the patch hackjobs.
Linux (especially easy distributions like Mint) is just perfect for everyday work. I'm running dual boot, and I'm 99% on Linux. But no Linux/Windows discussion now here, wrong thread. Interesting read, if you haven't seen it already: https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html Let's see how this WannaCry story plays out in the end. With these events, maybe the responsible people will take more care about actually creating safe systems instead of spreading snake oil. This might be an unpopular and disputable view, but if you try to find a positive end for all this... to me it sometimes feels like an "immune defence" or evolution on the internet. Make your system and code safe and you will survive. Same with the bots bricking unsafe IoT devices: http://www.networkworld.com/article...someone-is-bricking-insecure-iot-devices.html And of course, this has alarming (but honestly, also ridiculous) consequences: https://consumerist.com/2016/08/19/...-lightbulb-servers-leaves-buyers-in-the-dark/ https://consumerist.com/2016/04/06/...s-who-will-own-300-paperweights-as-of-may-15/ http://www.overclock.net/t/1319323/...internet-connection-or-their-servers-are-down It's the hard way to learn, but humans seem to learn only from errors and damage and not by doing the right thing in the first place. Yeah, let's connect everything, put all stuff in a cloud and don't waste one single thought on protection, customers are only hindered from the obstacles created by safety anyways! This policy of consumers and manufacturers just not caring about safety is one of the main problems IMHO. But before going totally off-topic... some links on the topic which I found interesting; mostly comprehensive stuff: https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf https://www.cs.bu.edu/~goldbe/teaching/HW55815/presos/eqngroup.pdf http://ftsnnews.x10host.com/blog/20...-stuxnet-cyber-weapon-used-on-iran/?print=pdf http://cert.europa.eu/static/SecurityAdvisories/2017/CERT-EU-SA2017-012.pdf
WannaCry possibly linked to North Korea https://www.bleepingcomputer.com/ne...omware-shares-code-with-north-korean-malware/
Quite possible because the real perpetrators could make it look like it was from N.K. But I think N.K. govt has much more to gain from this than China would, because N.K. is hurting from the strict U.N. sanctions more now than when Obama was in office or... it could be some 14yr old punk geek in Queens too, But Kaspersky thinks it is from N.K.
@Joe C: That makes good sense. And Kaspersky is reputable. I wouldn't put it past some of these kids. They are really clever.
Two things I'd like to point out. 1. Installing the patch from M$ does not prevent wannaCry to run. Once it is there it can run and still encrypts files. The M$ patch just closes the vulnerability of windows wannaCry can use to INFECT windows. This is one way of infection. To prevent it running or an infection via email it has to be detected from a scanner/guard!!! 2. Sooner or later you will be forced to make this decision: Use windows >7 or an alternative. I found it reasonable to get rather sooner to the alternative than later.
WannaCry had a kill switch which means currently, it no longer works to encrypt files. That does not mean there are no copy cats out there acting like WannaCry and possibly even encrypt files. The person/s behind WannaCry could change the server settings within the program to make it active again but by now, I'd think the rest of the world has blocked the SBM exploit. http://www.darkreading.com/threat-i...e-been-a-sandbox-evasion-tool/d/d-id/1328892?
Sometimes advice is simple, known and easy to implement, yet people somehow manage to ignore it and get infected. And when I say people, large organizations with software experts are surprisingly included. - Turn Windows updates to automatic - Don’t open email attachments from unknown sources and before scanning - Don’t disable antivirus or firewall for the sake of getting any app - Keep away from dodgy sites and downloads, you know what I mean.
Windows XP is still getting 7% of the market share, Which places it at #3 next to Windows 10 (#2) and Windows 7 (#1) Windows XP has officially been off the updates list for quite a while now, although it's getting a better market share than Windows 8.1