Leave a comment

New security flaw leaves door wide open for another global ransomware attack

New security flaw leaves door wide open for another global ransomware attack
© Ratthanarong Phraibung | Dreamstime.com

Ransomware attacks surged in 2016. The FBI estimates that victims paid nearly $1 billion in ransom last year alone.

These attacks are getting worse in 2017. I'm sure you've heard about the WannaCry ransomware outbreak that infected over 300,000 computers worldwide a couple weeks ago. Now, the U.S. government is warning that another WannaCry type attack is on the way.

Why another WannaCry type attack is coming

The U.S. Department of Homeland Security (DHS) announced a newly discovered flaw this week in the popular software Samba. It's an open source/free software suite that provides seamless file and print services to SMB/CIFS clients and allows for interoperability between Linux/Unix servers and Windows-based clients.

DHS said the vulnerability impacts at least tens-of-thousands of computers and opens the door for attacks similar to WannaCry.

In a statement, Samba wrote, "All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

The company is urging everyone who is using a vulnerable version to install a patch immediately. Click here to visit Samba's Security Update page with available patches.

If a patch isn't available right away for the version you are running, there is a way to work around the flaw. Just add the following command line code to your Samba configuration file and restart your network's SMB daemon:

nt pipe support = no

Adding the previous line of code will prevent worm-like ransomware from spreading to computers connected to the network.

How to defend against ransomware

With the ever-growing threat of ransomware, you need to take precautionary steps. Here are suggestions that will help:

  • Back up data regularly - this is the best way to recover your critical data if your computer is infected with ransomware.
  • Make sure your backups are secure - do not connect your backups to computers or networks that they are backing up.
  • Do NOT enable macros - You should never download PDF, Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately.
  • Never open risky links in emails - don't open attachments from unsolicited emails, it could be a phishing scam. Ransomware can infect your gadget through malicious links found in phishing emails. Can you spot one? Take our phishing IQ test to find out.
  • Have strong security software - this will help prevent the installation of ransomware on your gadget.

Backing up your critical data is an important safety precaution in the fight against ransomware. It's the best way to recover your files without paying a ransom.

We recommend using our sponsor IDrive. You can backup all your PCs, Macs and mobile devices into ONE account for one low cost! Go to IDrive.com and use promo code Kim to receive a special discount.

Click here to receive the special discount.

More stories you can't miss:

7 ways to hack-proof your smartphone to keep your data safe

Top 5 security lessons ransomware teaches us the hard way

Think robocalls are annoying? Spam voicemails could make things even worse

Next Story
Source: Daily Mail
Don't fall for this Facebook anti-wrinkle cream scam!
Previous Happening Now

Don't fall for this Facebook anti-wrinkle cream scam!

What's new on Amazon Prime Video this June
Next Happening Now

What's new on Amazon Prime Video this June

View Comments ()