when this hit, that's what they said, then when they realized it was like every other malware, the news tried the "wannacry not delivered via attachements" headlines for like 40 seconds til the tech community lashed out (btw the tech community is the only legitimately non partisan community out there) and they STFU. I never understood when our customers get het with malware, why the people who don't use UPS insist on always opening the UPS attachments granted, this propagates from an infected machine to others if you didn't apply the three month old patch, so "technichally it doesn't have user interaction" but unless its dropping an executable in a startup folder, does it really?
I just wonder if I'm missing something. I sat through a UTM webinar the other day on this, expecting to gain insight. The gist of this one is "yer fukt" because it was distributed by what equates to a 3 year old with an iPhone, and paying the ransom doesn't get you a key. There was a post webinar Q&A that disconnected because the UTM vendor didn't realize the guy who started the session had to actually stay in it to keep it going.... that's the level of non starter I perceive wannacry as. On Tue, May 23, 2017 at 12:25 AM, Josh Reynolds <j...@kyneticwifi.com> wrote: > It's very possible, I've just never heard of an exploit that doesn't > actually require you to run the payload > > - Josh > > On May 23, 2017 12:22 AM, "Steve Jones" <thatoneguyst...@gmail.com> wrote: > >> that's like super old (not that wannacry is all that new) >> its amazing to me that malware is such a thing >> fuckballs stuxnet is still live >> are humans retarded? >> >> On Tue, May 23, 2017 at 12:15 AM, Josh Reynolds <j...@kyneticwifi.com> >> wrote: >> >>> I don't know which one that you are talking about, but there is a much >>> more advanced exploit floating around. One of the infection methods is to >>> auto download a file when loading a web page... When the user opens the >>> folder, the windows handler that loads the file icon from inside the >>> program, which then silently transmits that users credentials to a remote >>> SMB server. >>> >>> Nasty stuff. >>> >>> - Josh >>> >>> On May 23, 2017 12:03 AM, "Steve Jones" <thatoneguyst...@gmail.com> >>> wrote: >>> >>>> lol, better not be another one >>>> just seems like this wannacry thing is way blown out of proportion, I >>>> haven't seen anything to indicate its any more virulent or invasive than >>>> the standard malware, just happens it did a targeted phish of known >>>> unprotected targets >>>> >>>> On Mon, May 22, 2017 at 10:16 PM, Jay Weekley < >>>> par...@cyberbroadband.net> wrote: >>>> >>>>> Is this a new way of announcing your wife is having a baby? >>>>> >>>>> Steve Jones wrote: >>>>> >>>>>> I not an absurd lack of hype over this on this list when every other >>>>>> list is popping off >>>>>> Am I the only one that sees this as similar to the whole UBNT mishap? >>>>>> don't follow standard practices, pay the price? >>>>>> I'm inclined to block the ports as a mechanism of being a good >>>>>> steward of the interwebs, but shouldn't I have already been dropping >>>>>> those? >>>>>> as an ISP >>>>>> I'm tempted to push OS migration, but shouldn't I have already been >>>>>> doing so as an IT services guy. >>>>>> I'm tempted to keep current patches, but shouldn't I have already >>>>>> been doing so? >>>>>> I have no expectation that none of my contact customers will not be >>>>>> impacted... by choices they made in our contract. >>>>>> This doesn't seem like its a NEW thing >>>>>> >>>>>> <http://www.avg.com/email-signature?utm_medium=email&utm_sou >>>>>> rce=link&utm_campaign=sig-email&utm_content=emailclient> >>>>>> Virus-free. www.avg.com <http://www.avg.com/email-sign >>>>>> ature?utm_medium=email&utm_source=link&utm_campaign=sig-emai >>>>>> l&utm_content=emailclient> >>>>>> >>>>>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>>>> >>>>> >>>>> >>>> >>
