Published on 06/29/2017
The latest outbreak of ransomware, Petya along with a varity of variants, has infected devices in 65 countries by leveraging the same vulnerability as the WannaCry malware, namely MS17-010 (EternalBlue). This version does not have a “back-door” fix that was inadvertently discovered in WannaCry. Thus, the impacts from Petya are more acute where the vulnerability remains. In January 2017, InfoArmor’s operative intelligence team identified this potential for exploitation as part of the Shadow Brokers activity. By pre-emptively warning our clients and working with several to assist them in patching the open vulnerability, InfoArmor was successful in protecting customer assets from this devastating ransomware attack. Below is the operatively-sourced intelligence timeline:
Below are the Advanced Intelligence notifications from InfoArmor’s VigilanteATI platform starting in January 2017:
InfoArmor’s VigilanteATI Advance Intelligence provides a comprehensive and cost-effective solution that enables IT security teams to leverage our elite operative and research team. By delivering real threat intelligence, not threat information, InfoArmor provides unsurpassed, accurate and efficient advanced threat intelligence that could not be obtained internally or by other traditional threat intelligence methods.
We write and compile educational resources for the industry on a monthly basis, including WebCasts, eBooks, White Papers, Checklists, etc. Subscribe below to be notified when new materials are released.
We respect your privacy and will never share your contact information without your explicit written consent.