Thought you guys might find this interesting if you're not drowning in trying to sort it out! It's an analysis of what we know so far about Wannacrypt.
https://www.theregister.co.uk/2017/0...nsomware_worm/
Thought you guys might find this interesting if you're not drowning in trying to sort it out! It's an analysis of what we know so far about Wannacrypt.
https://www.theregister.co.uk/2017/0...nsomware_worm/
Ha!The software nasty has today ransacked the UK's national healthcare service, forcing hospitals to shut down to non-emergency patients; torn through Spanish telco Telefónica; and many other organizations. In what is looking like one of the biggest malware attacks in recent memory, the bulk of the infections are in Russia – including the state's interior ministry; the virus has claimed high-profile targets around the world.
![]()
BOO!We're told 16 NHS health trusts in the UK were taken out by the malware. Prime Minister Theresa May said the code "has crippled" Brit hospitals, and that Blighty's surveillance nerve center GCHQ is looking into the outbreak. The NHS is thought to have been particularly hard hit because of the antiquated nature of its IT infrastructure. A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, and Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.
You got any link to prove that? I'm pretty sure they just made it free to all XP users now in response to the attack. I imagine that they would have been given out to the ones that pay for XP support back in March. Lots of supposition from both of us. But it is rather telling that it took them less than a day to release it for XP quite possibly suggesting it had been already tested and used 'in the wild'.
Sent from my SM-N915FY using Tapatalk
It is almost as if I read articles about this going to happen as XP got EOL'ed.
Are you an engineer? -- Quack
At work we have a client who pays for XP extended support and they didn't get the patch in advance, their XP machines still had the EternalBlue hole. The vulnerability is in the SMBv1 code, which has barely changed at all in later versions of Windows as it's only present for backward compatibility, so MS knew exactly what to fix and how to do it. They could have done the patch in a few hours, no problem.
Returned to work after a month off. Nothing has changed. There are still jobs open and not touched from before I left.. The office365 project has finished in the same state of was in when I left (so broken with only about 20% of users migrated). The Windows 10 project progressed to about 50 desktops before they found out a bunch of stuff didn't work..
Didn't really miss any of this. Would be nice to have some working systems..
Originally Posted by lubica
Field tech: "hmm the AD replication and RODC roles on this server aren't working"
*Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*
Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this
Today in our 'new' office365 hybrid install we have discovered there are a number of people that have their mailbox both on-prem AND in 365.. According to Microsoft this is not supposed to be possible. We literally have the best setup ever. (So glad I didn't do it)
Originally Posted by lubica
any bets on that surviving a upgrade from 2010 to 2016?
because, assuming you dont fuck with it, i'd wager it does.
Viking, n.:
1. Daring Scandinavian seafarers, explorers, adventurers, entrepreneurs world-famous for their aggressive, nautical import business, highly leveraged takeovers and blue eyes.
2. Bloodthirsty sea pirates who ravaged northern Europe beginning in the 9th century.
Hagar's note: The first definition is much preferred; the second is used only by malcontents, the envious, and disgruntled owners of waterfront property.
I'm going to look into it this morning as part of the clean up operation but I have a bad feeling that not only did they not back up the old server vhd files but actually reinstalled windows server IN the old vhds thus completely scrubbing any chance of recovering data
AFAIK MS doesn't really recommend them but I'm yet to hear of one that failed catastrophically
Bookmarks