Hello, welcome to the Thursday, June 28, 2017 edition of the Sansandet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Columbia, Maryland.

News about the Petia-like ransomware is still dominating the headlines, but really not much news since yesterday about this it sounds like

things are somewhat under control for now at least until the next variant

emerges a number of large companies got hit by this ransomer looks actually

like the impact was almost a little bit bigger than Wanna Cry here.

So keep making sure that your systems are patched, backed up, and SMB version 1 is disabled,

unless you like to rush off an occasional ransomware outbreak.

One issue I forgot to mention yesterday was that the email address used to communicate with the attackers and to purchase the

description key was shut down soon after the malware was released. So if you're infected by this ransomware and you're transferring money to the Bitcoin account in question here,

well, you'll not be able to actually receive a key to decrypt your systems, so no point in

paying up. In case you're using Bantu Linux and smiled at the events of the last days. Be aware that

today a critical vulnerability in system D for Ubuntu was patched. The vulnerability is

exploitable via an oversized DNS response. It doesn't look like it is trivial to exploit,

but sufficient details were released about this vulnerability

to allow a creative exploit writer to prove me wrong.

So a patch is available, applied as soon as possible.

And a while ago, Microsoft announced, and I mentioned it here in this podcast, applied as soon as possible.

And a while ago, Microsoft announced, and I mentioned it here in this podcast, that EMET will no longer be supported.

Well, this enhanced mitigation experience toolkit was actually quite popular.

A lot of security people complained about Microsoft dropping support for it and looks like Microsoft

actually listened.

...