Petya ransomware/attack!

-
Image result for petya royalty free attack

By now you may have heard of the Petya (or NotPetya) ransomware.

This is a yet another high profile malware which has spread like wildfire but is only one in an increasing array of Ransomware attacks that threaten IT systems all around the world.

As with WannaCry before, please, please, please be extra careful with the following:
  • Email attachments – do you know the sender? Are you expecting an attachment from them? Does the attachment have an unusual name?
  • Website links in emails or from other websites whose reputation you can’t be sure of

Those of you who are my customers will already have ESET Antivirus, Automatic Windows Updates, and won’t have Windows XP (especially vulnerable).

However, this does not mean you can be in any way complacent.  This kind of infection is very hard to prevent and ultimately safety can be at the mercy of a user opening an infected attachment.

I advise doing the following as soon as you can:
  • Backup, backup, backup!  To an external hard drive, to a shared network drive, or to “the cloud” – e.g. Dropbox, OneDrive, iCloud Drive.
  • Run Windows Updates and set to automatic from now on
  • Make sure you have a good antivirus (I recommend ESET – www.eset.ie).  Make sure it’s licensed (if not free) and up to date
  • Get off Windows XP ASAP – ideally go to Windows 10 as it is their most secure OS yet.
  • Consider upgrading your Office version - ideally go to 2016 as it will be more secure and have more updates.

If any of you have any worries or doubts at all please call me.

Best regards,

Steve.

Comments

Post a Comment

Popular posts from this blog

Where are SCANPST.EXE and/or SCANOST.EXE?

-
Image
I sometimes have to deal with customer computers whose Outlook PST or OST files have become corrupted.  Very often the fix is to run SCANPST.EXE on the offending PST/OST file.   However, every time I go to do this I forget where the two executable files are.  Here is where they are on a Vista machine running Office 2007: C:\Program Files\Microsoft Office\Office12 I hope this helps.
Read more

APC PowerChute Network Shutdown - Authentication Phrase

-
Image
​Was installing  APC PowerChute Network Shutdown (PCNS) on a customer’s server and couldn’t find a record of the Authentication Passphrase that I set ages back on their Smart UPSes Network Management 2 Card. So I went to reset it on the card and start anew… it took a lot of digging to find it on their particular release of firmware: Go into the UPS tab, then into “shutdown” inside the “Configuration” category: You may then need to change the passphrase being used on other servers. To do this, open up PCNS in your browser and click into the area shown below:
Read more

WSUS Issues

-
Image
Was configuring WSUS on a Server 2016 VM for a customer recently and found the performance to be very sluggish and most of the time the client PCs would time-out and throw an error message when trying to check for updates. After much digging on different forums I came across a fix that worked nicely: Open Internet Information Services (IIS) Manager and click on Application Pools Then Right-Click on your WsusPool instance and choose Advanced Settings Scroll down to Private Memory Limit (KB) and change it from the default of 1843200 to 0 which means unlimited. Then right-click and stop the WsusPool and then start it again. Hope this works for you.
Read more