20170709

What you need to know about the WannaCry Ransomware

What you need to know about the WannaCry Ransomware
【外部リンク】
https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware
What are the details on Symantec's protection?
Network-based protection
Symantec has the following IPS protection in place to block attempts to exploit the MS17-010 vulnerability:

OS Attack: Microsoft SMB MS17-010 Disclosure Attempt (released May 2, 2017)
Attack: Shellcode Download Activity (released April 24, 2017)
SONAR behavior detection technology

SONAR.AM.E.!g18
SONAR.AM.E!g11
SONAR.Cryptlk!g1
SONAR.Cryptlocker!g59
SONAR.Cryptlocker!g60
SONAR.Cryptlocker!g80
SONAR.Heuristic.159
SONAR.Heur.Dropper
SONAR.Heur.RGC!g151
SONAR.Heur.RGC.CM!g13
SONAR.Heuristic.158
SONAR.Heuristic.161
SONAR.SuspDataRun
SONAR.SuspLaunch!g11
SONAR.SuspLaunch!gen4
SONAR.TCP!gen1
Advanced Machine Learning

Heur.AdvML.A
Heur.AdvML.B
Heur.AdvML.D
Antivirus

For expanded protection and identification purposes, the following Antivirus signatures have been updated:

Ransom.Wannacry
Ransom.CryptXXX
Trojan.Gen.8!Cloud
Trojan.Gen.2
Ransom.Wannacry!gen1
Ransom.Wannacry!gen2
Ransom.Wannacry!gen3
Customers should run LiveUpdate and verify that they have the following definition versions or later installed in order to ensure they have the most up-to-date protection:

20170512.009
--

注目の投稿

cURL error 60: SSL certificate problem: unable to get local issuer certificate

cURL error 60: SSL certificate problem: unable to get local issuer certificate 更新失敗: ダウンロードに失敗しました。 cURL error 60: SSL certificate problem: ...

人気の投稿