Petya Variant Ransomware: How to Detect the Vulnerability and Exploits

Logo
Presented by

Sacha Dawes, Principal Product Marketing Manager. Chris Doman, Threat Engineer

About this talk

As you've likely heard, a variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya follows a similar attack method to last month's WannaCry ransomware, though it uses the PsExec and WMI services for distribution. Once compromised, the ransomware will overwrite the Master Boot Record (MBR), encrypt individual files that match a list of file extensions (including documents, archives, and more), and after a reboot of the system will present the user a message requesting a ransom in Bitcoin to decrypt the system. As with WannaCry, the ETERNALBLUE exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key part of the attack. Join us for a 30-minute technical webcast to learn more about this Petya variant, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks. You'll learn: What the AlienVault Labs security research team has uncovered about this threat How to scan your environment (cloud and on-premises) for critical vulnerabilities with AlienVault USM How AlienVault USM leverages threat intelligence for early detection of threats like this variant of Petya How built-in response orchestration capabilities in AlienVault USM can stop the threat from spreading
Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (33)
Subscribers (71987)
AT&T Cybersecurity’s edge-to-edge technologies provide phenomenal threat intelligence, collaborative defense, security without the seams, and solutions that fit your business. Our unique, collaborative approach integrates best-of-breed technologies with unrivaled network visibility and actionable threat intelligence from Alien Labs researchers, Security Operations Center analysts, and machine learning – helping to enable our customers around the globe to anticipate and act on threats to protect their business.