Monthly Archives: May 2017

Security Advisory: EternalRocks and other Malware Variants Utilising The Shadow Brokers Leaked NSA Exploits

Published by Elad Sharf, Nick Griffin (May 24, 2017)

Performanta is aware of additional malware variants, like ‘EternalRocks’, exploiting the same vulnerabilities as WannaCry and additional attack vectors leaked by The Shadow Brokers group.

If you’ve followed our previous advisory and protected yourself against WannaCry, you should be protected against the exploitation mechanism of new variants.

  1. Ensure the MS17-010 security
Read the rest

Can North Korea be Linked to WannaCry? A Timestamp Analysis

Published by Nick Griffin (May 19, 2017)

Performanta have analysed three earlier variants of the WannaCry ransomware from April and May 2017 which attempt to guess and brute-force passwords used for SMB in order to copy themselves to network shares. These samples are evidence that the WannaCry malware author(s) have long intended to launch a widespread ransomware epidemic. We also … Read the rest


WannaCry: What’s Real and What’s Not?

Published by Nick Griffin, Elad Sharf (May 17, 2017)

Over the last few days the WannaCry epidemic has sparked a media frenzy, with many jumping on the publicity bandwagon. There is a lot of information out there, but how do we separate the truth from the fiction? In this blog we will document the known facts and provide evidence for … Read the rest


HR ADVISORY: WannaCry: Securing Our World Together

Category : Threat Advisory

 

Securing Our World Together

Purpose:                    Recommended internal communication from our clients’ HR departments to all staff

Prepared by:             Performanta Human Capital

Date:                           15th May 2017

(Content below can be copied and pasted into an internal email to your employees:)

As you might have read over the weekend, on Friday 12 May the world faced its biggest cyber … Read the rest


PERFORMANTA ADVISORY: WannaCry: Caused by Humans, Impacting Humans

Category : Uncategorized

WannaCry: Caused by Humans, Impacting Humans

What is WannaCry?

Wanna Decryptor which also goes by the name of WannaCry or wcry, is a ransomware program that caused the largest ever Global Ransomware Attack on Friday 12th May 2017.

This ransomware locks all the data on the machine leaving the user with encrypted files along with a notice of what … Read the rest


TECHNICAL ADVISORY: WannaCry

Category : Threat Advisory

Planet Earth suffered the largest ever Global Ransomware Attack on Friday 12th May 2017.

Over 100 countries impacted; ranging from individuals to large organisations including the British NHS, Nissan, Telefónica and Renault. The ransom requested ranged between $300 – $100,000’s to be paid in Bitcoin causing global damages of over $700m.

On Friday 12th May, Performanta’s Security Operations Centre … Read the rest