Update on Petya Attack
As noted by our on-site expert, krakatoa, the current vaccine for Petya involves creating a file called perfc in the C://Windows folder and making it read only. No kill-switch has been discovered, only a local vaccine.
If you see the reboot notification below, your device has been infected. Turn off your device to prevent future encryption. Petya begins encrypting the device an hour after the initial infection.
**Update: Petya begins encrypting your the first 1MB of your files prior to the reboot. See new post for the updated information. **
Did you know it only takes 2 hours for a security patch to be reversed engineered? Don’t let your company’s vulnerabilities go unsupervised. Enroll in March’s Course of the Month to begin training for your Certified Penetration Testing Engineer Certification today.
This Patch Tuesday comes with 74 security updates, including fixes for two known vulnerabilities (CVE-2018-0808 and CVE-2018-0940); luckily this release arrives in a more timely fashion, as there have been no known exploitations of these vulnerabilities like we’ve seen in the past.