Petya ransomware/attack!

By now you may have heard of the Petya (or NotPetya) ransomware.

This is yet another high-profile piece of malware that has spread like wildfire, but it is only one in an increasing array of ransomware attacks that threaten IT systems all around the world.

As with WannaCry before, please, please, please be extra careful with the following:
  • Email attachments – do you know the sender? Are you expecting an attachment from them? Does the attachment have an unusual name?
  • Website links in emails or from other websites whose reputation you can’t be sure of

Those of you who are my customers will already have ESET Antivirus, Automatic Windows Updates, and won’t have Windows XP (especially vulnerable).

However, this does not mean you can be in any way complacent.  This kind of infection is very hard to prevent and ultimately safety can be at the mercy of a user opening an infected attachment.

I advise doing the following as soon as you can:
  • Backup, backup, backup!  To an external hard drive, to a shared network drive, or to “the cloud” – e.g. Dropbox, OneDrive, iCloud Drive.
  • Run Windows Update and set it to automatic from now on
  • Make sure you have a good antivirus (I recommend ESET – www.eset.ie).  Make sure it’s licensed (if not free) and up to date
  • Get off Windows XP ASAP – ideally go to Windows 10 as it is Microsoft's most secure OS yet.
  • Consider upgrading your Office version - ideally go to 2016 as it will be more secure and have more updates.

If any of you have any worries or doubts at all please call me.

Best regards,

Steve.
