As you've likely heard, a variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya follows a similar attack method to last month's WannaCry ransomware, though it uses the PsExec and WMI services for distribution.
Once compromised, the ransomware will overwrite the Master Boot Record (MBR), encrypt individual files that match a list of file extensions (including documents, archives, and more), and after a reboot of the system will present the user a message requesting a ransom in Bitcoin to decrypt the system. As with WannaCry, the ETERNALBLUE exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key part of the attack.
Join us for a 30-minute technical webcast to learn more about this Petya variant, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.
You'll learn:
What the AlienVault Labs security research team has uncovered about this threat
How to scan your environment (cloud and on-premises) for critical vulnerabilities with AlienVault USM
How AlienVault USM leverages threat intelligence for early detection of threats like this variant of Petya
How built-in response orchestration capabilities in AlienVault USM can stop the threat from spreading