F-Secure update on Petya Ransomware

F-SECURE BLOCKS THE PETYA ATTACK
F-Secure blocks the new attack that spreads like May’s historic WannaCry outbreak. F-Secure endpoint products offer protection against the Petya attack on several layers to ensure that the attack can be stopped in multiple points during the attack chain:

  • F-Secure’s integrated patch management feature, Software Updater, prevents the new Petya ransomware variant attack from exploiting the EnternalBlue vulnerability by automatically deploying the related security patches.
  • F-Secure’s Security Cloud functionality detects and blocks the DLL file used by the ransomware.
  • F-Secure’s Anti-Malware engine detects and blocks the threat via multiple complementary signature detections.
  • F-Secure’s default firewall settings prevents the Petya attack from spreading laterally in the environment and encrypting files.

F-Secure’s vulnerability manager, F-Secure Radar, flags the missing Microsoft security patch and the vulnerable 445 port for immediate action for IT administrators, giving them ample time to fix the vulnerabilities before the outbreak.

F-Secure’s managed incident response service, F-Secure Rapid Detection Service, detects a large number of the TTP techniques used by Petya, such as abusing rundll-32 and other Microsoft components, allowing our customers to take immediate remediation actions in the case the infection is detected.

 

We are constantly updating our Business Security Insider blog as well as our web site with new content on the attack. For updates on the attack, please follow these channels!

Boekenlegger op de permalink.

Reacties gesloten.