New computer virus/worm

Discussion in 'Technical' started by sec_monkey, May 22, 2017.

  1. sec_monkey

    sec_monkey SM Security Administrator

    as a bunch of monkeys predicted .. here we go again

    a new really dangerous computer virus/worm has been found

    monkeys please update all systems

    New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two
    Last edited: May 22, 2017
    stg58 and Motomom34 like this.
  2. duane

    duane Monkey+++

    Now the fun begins yet again. As a child of the 1940's I went through a change in our national view of safety. It started out with the rise of the airplane, we no longer lived well inland on an island, the bomber airplane could cross the seas and negate distance, took years, cost a lot of money, and could be defended against, but we were no longer safe at night from the world. Then we added the atomic bombs, now a few dozen airplanes in one night could destroy us and a new level of insecurity was reached, then we added jet power to the planes and the ability to deliver the weapons in a timely matter went up, then the missiles and subs made it impossible to stop an attack and we went to if you kill us, we will kill you all. That is the point we are at now with a few wild cards thrown in, ISIS, North Korea, China, etc. We are now in a new phase, modern transportation and communication, along with the revolutions in electronics and biology , computers, internet, DNA, gene splicing,etc, has now spread the danger to us as individuals. We depend on electronics for all of our daily life, stove, refrigerator, electric generation and distribution, cars and trucks, often glucose monitors and pace makers, and more and more are all interconnected, they all have chips and if you corrupt the system, either hacking by individuals or nations, or destroy the physical assets, emp, etc, our system will collapse and most of us will die. The same is true in the biological sense, I removed a deer tick from my arm on Friday, hopefully before it infected me with Lymes, and found another on my arm this morning, not embedded, and my wife and I now strip and examine each other every night, and if you don't have a partner to examine your back, you may be in real trouble, and it sure isn't something we had planned on for our old age. Computer virus, atomic bombs, new diseases and new vectors, new laws that attempt to control our lives and a host of people trying to game those laws, we live in a different world. In 1944, our family had no electricity, shared a phone line with 11 other families, didn't go to town over once a week in the summer, usually to shop, often didn't go to town for weeks in the winter, went to school with 15 students and one teacher and to a church that had 50 people and that was totally isolated from the system, etc. Now at 79 I am at least trying to communicate with people all over the world, on an instant basis, and on a media that will record every key stroke until someone decides to remove it at their will, am getting ready to go to work 25 miles away fixing tools made all over the world, using parts from all over the world and no longer having physical custody of the prints and data I need to fix them. That is on a server located somewhere in the world. I will take my lunch with its apples from New Zealand, onions from Peru, etc, and drive to work in my Japanese car. I may instead eat a fish sandwich at Mickey D's made with "North Pacific Haddock", and only God knows where the rest of the ingredients came from. While I can minimize some of the effects, own well, grow own food, keep as much off the grid and internet as possible, I am exposed to so many levels of danger and in so many ways, that I think you have to trust in some higher power, do the best you can, minimize the damages and muddle through. The alternatives, give up the internet, electricity, modern medicine, modern society, etc, are not something I am willing to do. Rather then being Chicken Little and watch the sky fall, I will at least try to be Henny Penny and plant my wheat and make my bread. I will now make my lunch, take my soap box, and go off to work and enjoy another beautiful day that God in his magnificence has given me to enjoy. I have a couple of Bosch Brute hammer drills to fix, with parts from Germany, and they weigh well over 60 lbs each, and I am very thankful that I still have both the ability to work on them and an employer who keeps me on the pay roll to fix them.
    Ura-Ki, Seepalaces, Motomom34 and 5 others like this.
  3. Brokor

    Brokor Live Free or Cry Moderator Site Supporter+++ Founding Member

    Microsoft people:

    In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive information from affected systems.

    US-CERT recommends that users and administrators consider:

    • disabling SMBv1 and
    • blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.
    US-CERT cautions users and administrators that disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. The benefits of mitigation should be weighed against potential disruptions to users. For more information on SMB, please review Microsoft Security Advisories 2696547 (link is external) and 204279 (link is external).

    *sigh* the NSA...
  4. Altoidfishfins

    Altoidfishfins Monkey+++ Site Supporter+

    Oh'll never end. Who allowed this stuff to get away from the NSA?
  5. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    Our tax dollars at work...
    Brokor and Ura-Ki like this.
  6. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    Windows 10 users can do this by starting powershell then running the following commands:
    start-process powershell –verb runAs (will open a new window with elevated privs)
    Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol (turn the effer off)
    Brokor, Ura-Ki and sec_monkey like this.
  7. sec_monkey

    sec_monkey SM Security Administrator

    yep but that aint enough

    ya gotta block all the ports too

    6 other vulnerabilities are also being exploited
    Brokor and Ura-Ki like this.
  8. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    Agreed, and already found my router won't block specific ports. So will have to do that on each Windows computer. I have already restricted the rest from outside access until they are clean. Otherwise will use bootable Linux as a stop gap.
    Brokor, Ura-Ki and sec_monkey like this.
  9. sec_monkey

    sec_monkey SM Security Administrator

    get a monkey router :) (y)

    [applaud] :)
    Brokor and 3M-TA3 like this.
  10. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    Turns out a router firmware update release two days ago added the ability to block individual ports. This was the most intrusive update so far - it required all wireless clients to disconnect and then reconnect to the network. It also required a manual restart instead of the usual automatic one. I suspect this update was for this specific threat and was rushed so no comfy features.

    EDIT: The requirement to disconnect and reconnect is a bonus, since it will prevent my wife and MIL from accessing the network without my assistance while I'm otherwise at work which will protect them from getting the worm.
    Last edited: May 22, 2017
    Ura-Ki and sec_monkey like this.
  11. sec_monkey

    sec_monkey SM Security Administrator

  12. Bandit99

    Bandit99 Monkey+++ Site Supporter+

    Very nice post, Duane.
    Ura-Ki and sec_monkey like this.
  13. Yard Dart

    Yard Dart Vigilant Monkey Moderator

    Why did I think you had some sort of virus..... and were trying to cure it with a worm?! :ROFLMAO:

    Dunerunner, 3M-TA3 and Ura-Ki like this.
  14. Bandit99

    Bandit99 Monkey+++ Site Supporter+

    Bloody hell. Here we go again. My patience is at an end...we need to hold the countries of these individuals and governments responsible for this crap and force them into harsher enforcement. (gumble, gumble, gumble...)
  15. sec_monkey

    sec_monkey SM Security Administrator

    Yard Dart likes this.
  16. Ura-Ki

    Ura-Ki Grudge Monkey

    My win 7 batch of updates took close to an hour, and then the full suite of security scans and RAID network updates took another hour, and this is running through a 480 SSD!!! Goot Gawd, what a head ache. Win 8.1 went in less then 10 min with it's 128 SSD, and all the security updates came in under 25 min.
    sec_monkey likes this.
  17. Cruisin Sloth

    Cruisin Sloth Special & Slow

    Ura-Ki likes this.
  18. enloopious

    enloopious Rocket Surgeon

    In remembrance of the Flu epidemic of 1918 I would not be surprised if there were a 100 year anniversary computer virus in the year 2018.
  19. Brokor

    Brokor Live Free or Cry Moderator Site Supporter+++ Founding Member

    Or the real thing...
    enloopious likes this.
  20. Motomom34

    Motomom34 Monkey+++

    Am I supposed to be doing something? My software is up-dated. Anything else?
    Last edited: May 24, 2017
survivalmonkey SSL seal warrant canary