WannaCry benefits from unlearned lessons of Slammer, Conficker

posted onMay 14, 2017
by l33tdawg
https://sophosnews.files.wordpress.com/2017/05/shutterstock_515398291.jpg?w=780&h=408&crop=1
Credit: Naked Security

Friday’s massive WannaCry ransomware attack was certainly a gut punch for many organizations. But few should be shocked by its rapid spread – especially those who remember Slammer and Conficker.

Those contagions  – ancient malware by today’s standards – spread through exposed Microsoft vulnerabilities. WannaCry spread the same way. In each case, Microsoft had already released a patch for the security holes.

And so for some, an important lesson continues to go unrecognized:  that organizations must keep a close watch for patch updates and deploy the fixes immediately. WannaCry – also known as Wanna Decrypter 2.0, WCry, WanaCrypt and WanaCrypt0r – exploited a Windows vulnerability that Microsoft released a patch for in March. That flaw was in the Windows Server Message Block (SMB) service, which Windows computers use to share files and printers across local networks. Microsoft addressed the issue in its MS17-010 bulletin.

Source

Tags

Industry News

You May Also Like

Other Articles In This Section

Recent News

Thursday, May 17th

What Happened to Facebook's Grand Plan to Wire the World?
Google’s Chrome browser to drop secure label for all HTTPS sites
Tel Aviv Stock Exchange plans blockchain securities lending platform
North Korea May Be Secretly Selling Face Recognition Tech Abroad Through Front Companies
Website leaked real-time location of most US cell phones to almost anyone

Monday, May 14th

Critical PGP and S/MIME bugs can reveal encrypted e-mails. Uninstall now
Facial-recognition software inaccurate in 98% of cases, report finds

Tuesday, May 8th

4 Firefox extensions to install now
Bad guys have something new to play with! Microsoft Excel adds support for JavaScript
Equifax reveals full horror of that monstrous cyber-heist of its servers
Ukrainian Securities Regulator To Consider Crypto As Financial Instrument
Red Hat smitten by secure enclaves 'cos some sysadmins are evil
Magical Money - the ICO crypto-currency boom
May Patch Tuesday Fixes Two Bugs Under Active Attack
Sierra Wireless Patches Critical Vulns in Range of Wireless Routers
Google’s ML Kit offers easy machine learning APIs for Android and iOS
Apple: All app updates must support the iPhone X and iOS 11 come July

Saturday, May 5th

How FREE VPNs Sell Your Data

Thursday, May 3rd

Just because you can solve your problems with a blockchain, doesn't mean you should - Zulfikar Ramzan.
North Korea Denies it Hacked UN Sanctions Committee Database
Your Instagram #Dogs and #Cats Are Training Facebook's AI
Cambridge Analytica shuts down after Facebook user data scandal

Wednesday, May 2nd

Industry CMO on the Downstream Risks of "Logo Disclosures"
GitHub Exposed Passwords of Some Users
Apple meets with California DMV officials to discuss autonomous vehicles
Security Trade-Offs in the New EU Privacy Law
Oculus Go review: The wireless-VR future begins today for only $199
Mark Zuckerberg Says It Will Take 3 Years to Fix Facebook

Tuesday, May 1st

Facebook's facial recognition feature could be helpful for missing persons
The promised Cortana-Alexa integration is getting closer
How to force Windows 10 to download the April 2018 Update
After data “clash” report, WhatsApp founder says he’s leaving Facebook
Google I/O 2018 preview—What we’re expecting from Google’s big show
HomeKit: Sicherheitsforscher sieht grundlegende Lücke – Apple ergreift Gegenmaßnahmen

Friday, April 27th

Sprint and T-Mobile could reach merger deal by next week, report says