If you get an email claiming to be from Microsoft about a Windows update, don't open it. Security researchers from Trustwave's SpiderLabs have discovered a new malicious campaign which spoofs urgent update emails from Microsoft to infect user's systems with the Cyborg ransomware. Learn more in this article.
Fortinet’s Proactive Protection
MTBW Services, Inc. takes a long hard look at each company we partner with before we ever bring a product through your doors. This recent e-mail from Fortinet is exactly why we STRONGLY recommend the enterprise bundle, which includes FortiSandbox, protection for every Fortinet product we sell.
“As you may know, on May 12, hackers launched a global ransomware campaign against tens of thousands of corporate and governmental targets. The ransomware encrypts files on an infected computer and asks the computer’s administrator to pay a ransom in order to regain access.
The ransomware attack is apparently spreading through a Microsoft Windows exploit called “EternalBlue,” for which Microsoft released a patch in March. That month Fortinet released an initial IPS signature to detect vulnerabilities against MS17-10. This signature specifically looks for SMB type vulnerabilities. Earlier this week, Fortinet updated our IPS signature to further enhance detection. It appears this update detects the ransomware. Yesterday, we released an AV signature that detects and stops this attack. [Third-party testing has confirmed that Fortinet Anti-Virus and FortiSandbox are blocking the attacks.]”
To read Fortinets blog with additional information about WCry Ransomware click here.