I don't know which one that you are talking about, but there is a much more advanced exploit floating around. One of the infection methods is to auto download a file when loading a web page... When the user opens the folder, the windows handler that loads the file icon from inside the program, which then silently transmits that users credentials to a remote SMB server.
Nasty stuff. - Josh On May 23, 2017 12:03 AM, "Steve Jones" <thatoneguyst...@gmail.com> wrote: > lol, better not be another one > just seems like this wannacry thing is way blown out of proportion, I > haven't seen anything to indicate its any more virulent or invasive than > the standard malware, just happens it did a targeted phish of known > unprotected targets > > On Mon, May 22, 2017 at 10:16 PM, Jay Weekley <par...@cyberbroadband.net> > wrote: > >> Is this a new way of announcing your wife is having a baby? >> >> Steve Jones wrote: >> >>> I not an absurd lack of hype over this on this list when every other >>> list is popping off >>> Am I the only one that sees this as similar to the whole UBNT mishap? >>> don't follow standard practices, pay the price? >>> I'm inclined to block the ports as a mechanism of being a good steward >>> of the interwebs, but shouldn't I have already been dropping those? as an >>> ISP >>> I'm tempted to push OS migration, but shouldn't I have already been >>> doing so as an IT services guy. >>> I'm tempted to keep current patches, but shouldn't I have already been >>> doing so? >>> I have no expectation that none of my contact customers will not be >>> impacted... by choices they made in our contract. >>> This doesn't seem like its a NEW thing >>> >>> <http://www.avg.com/email-signature?utm_medium=email&utm_sou >>> rce=link&utm_campaign=sig-email&utm_content=emailclient> Virus-free. >>> www.avg.com <http://www.avg.com/email-signature?utm_medium=email&utm_sou >>> rce=link&utm_campaign=sig-email&utm_content=emailclient> >>> >>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>> >> >> >