by Howard Solomon
Canadian infosec pros crossed their fingers on June 27 that all their Windows systems were patched to block a world-wide infestation of ransomware worm that exploits a Windows vulnerability that helped spread the WannaCry ransomware a month ago.
Companies that haven’t heeded the warning from the WannaCry outbreak and installed Microsoft’s MS17-010 patch yet are likely to fall victim of this latest attack. Like WannaCry, this new strain searches for vulnerable machines on a network once it has infected a device. Unlike WannaCry, it collects all saved Server Message Block credentials on the system and uses them to log onto other machines on the local network. LogRhythm has written this blog with details.
In fact Daniel Tobok, CEO of Toronto-based cyber consultancy Cytelligence, said this latest attack shouldn’t have been a surprise. There were warnings of the new strain in early June on the underground criminal network called the Dark Web when someone was peddling what was called “an evolution of WannaCry,” he said in an interview.