Replico el comunicado oficial de Forcepoint que acaba de salir hace unos minutos (20:00 hs GMT -3, Sábado 13 de Mayo de 2017) sobre este malware que está afectando el mundo entero (el malware WannaCry).
De paso les comento -por si les sirve- que Microsoft ha publicado el parche hasta para los sistemas que ya no tenían soporte (como XP):
También está para las versiones actuales:
Espero les sea de ayuda.
¿Cómo se propaga WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY?
- Si está el protocolo SMBv1 habilitado
- A través de un enlace o sitio web accesible desde internet (WAN)
- Si no está aplicado el parche MS17-010
Lic. Matias Colli
Consultor en Informática
Aqui va el comunicado:
Aqui va el comunicado:
  |
Dear Forcepoint Partner,
Friday brought one of the most significant malware outbreaks the world has seen in the past few years. This ransomware, called WannaCry (and variations such as WCry and WannaCrypt0r 2.0), is able to spread from computer to computer inside enterprise or government networks, a significant change from how recent malware has behaved.
Forcepoint Web, Email and NGFW security products around the world were updated within hours and are already blocking the WannaCry malware from being downloaded.
Here are answers to top questions about WannaCry:
Q: How might WannaCry get into my organization?
A: One way WannaCry gets in is through email that lures people into clicking on links to compromised sites that push malware onto their machines. Users should be reminded not to click on links from unknown sources.
Q: What makes WannaCry so dangerous?
A: WannaCry is a particularly virulent form of ransomware. In addition to encrypting files of the user who clicked on the email, it takes advantage of unpatched operating system vulnerabilities to actively spread from computer to computer, greatly expanding the reach of its attack.
Q: Do I have to do anything to enable Forcepoint’s protection against WannaCry?
A: No, you don’t. Forcepoint’s web and email security were already providing protection. Then, within hours, Forcepoint pushed threat intelligence to our web, email and NGFW security products that increased this protection, automatically blocking the WannaCry malware from downloading.
Our Forcepoint Security Labs has an analysis of WannaCry on our blog that describes WannaCry in more detail and provides guidance on how you can stay protected. We are continuing to investigate and will share further details on our blog. For additional general guidance on ransomware, please visit https://www.forcepoint.com/ransomware.
If you have additional questions, please don’t hesitate to contact your local Forcepoint representative.
Forcepoint
|
Fuente: https://go.forcepoint.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTTJaa1lXTXlZakUxWkRObSIsInQiOiIyTnZicWdlXC9Md2MwZlcrOFZRVUs3RVBqWUJwdVpraVBFbzNXMTFcLzhjK1RvYWVJYU1PV2Y4OEhFeXN6UENYdkVDbWtqYnRUbHBzOEJiWDNQVU1HWDg2Qm5BbW9EaWtTaE84cG0yYTBtTVlVY1NoZVFTajB1clJWUHJUeUdJZDVlIn0%3D
