Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya/SortaPetya/Petna) ransomware from infecting computers. The ransomware has been wreaking havoc across the globe today, locking hard drive MFT and MBR sections and preventing computers from booting. Unless victims opted to pay a ransom (which is now pointless and not recommended), there was no way to recover their systems.

The WannaCry ransomware is not dead yet and another large scale ransomware attack is making chaos worldwide, shutting down computers at corporates, power supplies, and banks across Russia, Ukraine, Spain, France, UK, India, and Europe and demanding $300 in bitcoins.

After Samsung had failed to renew the domain of one of their pre-installed apps, millions of users were left open to malware attacks.

WannaCry ransomware protector tool (Beta version) description Regarding the current outbreak of Wannacry ransomware, EthioCert has been gathering information and reversing one of the ransomware’s variant. Summing up all data, we have developed a pre-infection (protection) tool for the 2.0 variant of the ransomware. Even if no one in Ethiopia reported the ransomware infection yet, it’s just a matter of time before it becomes rampant or viral.

If your PC has been infected by WannaCry (the ransomware that wreaked havoc across the world) you might be lucky to get your locked files back without paying the ransom of $300 to the cyber criminals.

As mentioned on different blogs and sites including Ethiocert website (link to the info), WannaCry ransomware and other variant are targeting a vulnerability in SMB protocol, which windows use to share resources between computers. So beside updating and patching system we strongly recommend to disable SMBv1 protocol on your systems to avoid being exploited incase other hosts are infected in the network.

WannaCry is a ransomware program targeting Microsoft Windows operating system. On Friday, 12 May 2017, a large cyber-attack using it was launched, infecting more than 230,000 computers in 150 countries, demanding ransom payments in the cryptocurrency bitcoin in 28 languages. The attack spreads by multiple methods, including phishing emails and on unpatched systems as a computer worm. The attack has been described by Europol as unprecedented in scale.

Now, according to security firm Proofpoint, the operators of the Dridex malware started exploiting the unpatched Microsoft Word vulnerability to spread a version of their infamous Dridex banking trojan.

It's 2017, and opening a simple MS Word file could compromise your system. Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microsoft Office on fully-patched PCs.

After last month's postponement, Microsoft's Patch Tuesday is back with a massive release of fixes that includes patches for security vulnerabilities in Windows and associated software disclosed and exploited since January's patch release.