Following the WannaCry and Petya/GoldenEye/NoPetya ransomware events, you'd think software companies would be quick to remove the need for SMB 1. This was the protocol exploited by the malware developers that allowed those attacks to spread so quickly. Microsoft has released a lit of developers still demanding SMB 1 support.
When the Petya/GoldenEye cyber event started about 48 hours ago, it looked like a more damaging upgrade to WannaCry. But as the dust settles it's becoming clear the makers and distributors of Petra/GoldenEye were not interested in money.
Although it less than two days since the Petya ransomware outbreak, the job of working out where the outbreak started and who is responsible has started. Based on telemetry they received, Microsoft believes the software updater for MEDoc - a Ukrainian tax software application - was the initial source of at least some infections.
WannaCry was the first major attack using tools developed from the NSA’s EternalBlue toolkit that were made available to the world following a leak published by Wikileaks. Last night, another ransomware attack was launched and this one doesn’t encrypt files - it encrypts drives.
