Welcome to Smokey's Security Forums.
Guests only have limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

What is phishing? How to protect yourself from scam emails and more

Don't click on that email! Find everything you need to know in this phishing guide including how to protect yourself from one of the most common forms of cyber attack.

What is phishing? How to protect yourself from scam emails and more

Malware Log Analysis & Removal Help * Ransomware Encryption & Decrytion Techniques * Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on RedditShare this topic on TwitterAuthorTopic: WannaCry Started with a Hunt for Public-Facing SMB Ports, Not Phishing  (Read 18 times)

0 Members and 1 Guest are viewing this topic.

GilbertTopic starter

  • Updates Moderator
  • *
  • Offline Offline
  • location: Arctic
  • Posts: 31201
WannaCry Started with a Hunt for Public-Facing SMB Ports, Not Phishing
23 May 2017, 12:31 am

The WannaCry ransomware nightmare didn't begin like most other ransomware instances - via phishing - but rather through a simple scan of the public Internet. 

Security firm Malwarebytes writes in a new report that given the lack of other evidence, this is the only way the WannaCry ransomware could have propagated - the attackers scanned the Internet for vulnerable SMB ports. 

"Without otherwise definitive proof of the infection vector via user-provided captures or logs, and based on the user reports stating that machines were infected when employees arrived for work, we’re left to conclude that the attackers initiated an operation to hunt down vulnerable public facing SMB ports, and once located, using the newly available SMB exploits to deploy malware and propagate to other vulnerable machines within connected networks," writes Malwarebytes senior malware intelligenc... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2017 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by Meg&Millie - Emma aka Tinker

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques

    

  

Smokey's also provides free fully qualified FRST (Farbar Recovery Scan Tool) Log / Malware Analysis & Removal Help and System Health Checks
rifle
rifle
rifle
rifle