[IGPP Everyone] [EPSS Everyone] Cyber security update

SALYARDS, STEPHEN salyards at epss.ucla.edu
Wed May 17 10:24:17 PDT 2017 

Greetings,
   Things have settled down a bit with the first couple of waves of the WannaCry/WannaCrypt ransomware worm. If you have been following it you may have heard that an unexpected "sinkhole" was discovered that acts as a kill switch. If you are really interested hunt around a bit on those terms and you should find more info.

I wanted to pass along two quick pieces of information about this malware:

First, UCLA Computer Security Office will be doing penetration testing across the campus network to find vulnerable systems. As stated before, these are older systems that have not been patched since March. It is highly likely that on the EPSS network our firewall will block the scan as it probably blocks the worm itself. But if you see attempted connections from campus machines that may be the explanation.

It is worth mentioning that this sort of scanning happens across the campus network all the time for other vulnerabilities and we do see that activity on our servers.

Second, I previously passed along incorrect information about updating much older systems such as Windows XP. It is not an automatic update as I previously stated but must be specifically downloaded from Microsoft. The best location to get the patch is probably to go to the Microsoft page about this malware. There is lots of info there about the worm, probably more than you want to know. But a ways down the page is the section Resources and in there are a number of links for different operating systems. For example you will need to know if you want the patch for XP SP 1 or XP SP 2, so check your System control panel first to see exactly what you have. The page is at
https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

Thanks for all your help and let me know if you have questions about this info.
Take care
Steve Salyards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igpp.ucla.edu/pipermail/everyone/attachments/20170517/a8780c8f/attachment.html>
-------------- next part --------------
_______________________________________________
Everyone mailing list
Everyone at dept.epss.ucla.edu
http://dept.ess.ucla.edu/mailman/listinfo/everyone

More information about the Everyone mailing list