From ANDORSOFT and with the support of our technological partner ZEED SECURITY we want to express our solidarity with the thousands of companies in more than 150 countries that have been infected by the WannaCry ransomware virus in recent days. We trust that the problem will be resolved quickly.<\/p>\n
Below we detail the origin and process that this cyberattack has used for its rapid spread.<\/p>\n
The origin of the attack was associated with an MS Office vulnerability, a vulnerability published on 3\/14 and its corrective measures.
\nOther exploits linked to perimeter defensive systems (Firewall, Antivirus, Certified Email...) would also have been executed due to lack of maintenance on them and have "opened the doors" to the exposure of the devices.
\nOnce devices are infected, ransomware can spread freely across the network due to the lack of good IT health practices by leaving SMB protocols open and unencrypted.<\/p>\n
* Server Message Block (SMB) is a network protocol that allows sharing files, printers, etc., between nodes of a computer network that use the Microsoft Windows operating system and, using a remote command execution vulnerability, is distributed to the rest of the Windows machines on the same network.<\/p>\n
In summary, three simple recommendations; present in all EAIS \u2013 Zeedsecurity audits, which, if implemented correctly after detection, would have acted preventively, contributing to preventing infection of the device.<\/p>\n
EAIS\/EAES 24\/7 is an excellent tool for daily monitoring of security and management of corrective measures to be implemented.<\/p>","protected":false},"excerpt":{"rendered":"
Des de ANDORSOFT i amb el suport del nostre\u00a0partner tecnol\u00f2gic ZEED SECURITY volem expressar la nostra solidaritat amb els varismilers d’empreses en m\u00e9s de 150 pa\u00efsos que han estat infectades pel virus ‘ransomware’ WannaCry en els \u00faltims dies. Confiem que el problema ser\u00e0 resolt r\u00e0pidament. A continuaci\u00f3 detallem, l’origen i el proc\u00e9s que aquest ciberatac […]<\/p>\n","protected":false},"author":1,"featured_media":15229,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[84],"tags":[131,132],"class_list":["post-15225","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-comercial","tag-ciberatac","tag-ransomware"],"acf":[],"yoast_head":"\n