Was notified by a friend in the USA that their company is under ransom ware attack and the miscreants are asking 300 USD equivalent in BitCoins to free each device.  They mentioned Petya.  With all this being so wide spread I did a cursory check to see what is going on.   It is notable to me that I keep hearing about hospitals being affected.  Perhaps some of those cheap Indian I.T. workers that hospitals are using are moonlighting?

Research Links

News

 

In windows 7 there are no hooks in Control Panel to turn smb1 on and off.  They suggest editing the following registry key.  To enable or disable SMBv1 on the SMB server, configure the following registry key: When I attempted this there was no entry for SMB1.  I created it and set it equal to zero.  Not sure if that will help me.

Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters                 

Registry entry: SMB1 
REG_DWORD: 0 = Disabled 
REG_DWORD: 1 = Enabled 
Default: 1 = Enabled

 

 


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *