*سلام دوستان گرامی،*
*فایل های مربوط به پرزنتیشن های اولین همایش ایران ناگ بهمراه عکس های گرفته
شده در همایش در وب سایت **ir-nog.com <http://ir-nog.com>** قرار داده شده
اند.*
*با سپاس*
*----------------*
*میلاد افشاری*
*ایران ناگ*
سلام و وقت بخیر،
دوستان گرامی همانطور که مطلع شدین اولین همایش ایران ناگ بزودی برگزار خواهد
شد،لطفاً به افراد و گروه هایی که فکر میکنین حیطه فعالیت و کارشون مرتبط با
موضوع همایش هست اطلاع رسانی کنید.
با سپاس فراوان
تیـــم برگزاری IRNOG
---
با سلام،
جهت اطلاع دوستان.
---------- Forwarded message ----------
From: Hisham Ibrahim <hmi(a)ripe.net>
Date: Mon, May 15, 2017 at 2:12 AM
Subject: [menog] WannaCry Ransomware
To: menog(a)menog.org
Dear All,
As you are no doubt aware, we are currently experiencing an unprecedented
ransomware attack at a global scale. The malware was detected on 12 May
2017 and has the capability to spread across networks taking advantage of a
critical exploit in a popular communication protocol used by Windows
systems.
Many of you have already reached out and are actively involved in
containing this threat. It is believed that the infection and propagation
rate may go up on Monday when people return to their workplaces.
Below is the Europol warning / update about the current ransomware threat.
If you think this would be useful to anyone in our community, please
forward it on.
A list of tips and advice on how to prevent ransomware from infecting your
electronic devices can be found at:
https://www.europol.europa.eu/sites/default/files/images/
editor/ransomware-01.jpg
Regards,
Hisham
Begin forwarded message:
*If you are a victim or have reason to believe that you could be a victim*
This is link provides some practical advice on how to contain the
propagation of this type of ransomware:
*https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance*
<https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance>
The most important step involves patching the Microsoft vulnerability
(MS17-010):
*https://technet.microsoft.com/en-us/library/security/ms17-010.aspx*
<https://technet.microsoft.com/en-us/library/security/ms17-010.aspx>
A patch for legacy platforms is available here:
*https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks*
<https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-w…>
In instances where it is not possible to install the patch, manage the
vulnerability becomes key. One way of doing this would be to disable the
SMBv1 (Server Message Block) protocol:
*https://support.microsoft.com/en-us/help/2696547*
<https://support.microsoft.com/en-us/help/2696547>
and/or block SMBv1 ports on network devices [UDP 137, 138 and TCP 139, 445].
Another step would be to update endpoint security and AV solutions with the
relevant hashes of the ransomware (e.g. via VirusTotal).
If these steps are not possible, not starting up and/or shutting down
vulnerable systems can also prevent the propagation of this threat.
*How to prevent a ransomware attack?*
1. *Back-up! Back-up! Back-up!* Have a backup and recovery system in
place so a ransomware infection can’t destroy your personal data forever.
It’s best to create at least two back-up copies on a regular basis: one to
be stored in the cloud (remember to use a service that makes an automatic
backup of your files) and one stored locally (portable hard drive, thumb
drive, etc.). Disconnect these when you are done and store them separately
from your computer. Your back-up copies will also come in handy should you
accidentally delete a critical file or experience a hard drive failure.
2. *Use robust antivirus software* to protect your system from
ransomware. Always use the latest virus definition/database and do not
switch off the ‘heuristic’ functions as these help the solution to catch
samples of ransomware (and other type of malware) that have not yet been
formally detected.
3. *Keep all the software on your computer up to date.* When your
operating system (OS) or applications release a new version, install it. If
the software you use offers the option of automatic updating, enable it.
4. *Trust no one. Literally.* Any account can be compromised and
malicious links can be sent from the accounts of friends on social media,
colleagues or an *online gaming*
<https://blog.kaspersky.com/teslacrypt-20-ransomware/9314/> partner.
Never open attachments in emails from someone you don’t know. Similarly,
don’t open attachments in emails from somebody you know but from whom you
would not expect to receive such as message. Cybercriminals often
distribute fake email messages that look very much like email notifications
from an online store, a bank, the police, a court or a tax collection
agency, luring recipients into clicking on a malicious link and releasing
the malware into their system. If in doubt, call the sender at a trusted
phone number to confirm the legitimacy of the message received.
5. *Enable the ‘Show file extensions’ option in the Windows settings on
your computer.* This will make it much easier to spot potentially
malicious files. Stay away from file extensions like ‘.exe’, ‘.com’, ‘.vbs’
or ‘.scr’. Cybercriminals can use several extensions to disguise a
malicious file as a video, photo, or document (like hot-chics.avi.exe or
report.doc.scr).
6. If you discover a rogue or unknown process on your machine, *disconnect
it immediately from the internet or other network connections (such as home
Wi-Fi)* — this will prevent the infection from spreading.
_______________________________________________
Menog mailing list
Menog(a)lists.menog.org
http://lists.menog.org/mailman/listinfo/menog
با سلام
اولین همایش ایران ناگ با حضور دست اندرکاران صنعت فناوری اطلاعات کشور در روز
سوم خرداد برگزار خواهد شد.
برای ثبت نام و حضور به صورت مجازی لطفا به وبسایت رسمی ایران ناگ به آدرس
http://ir-nog.com مراجعه فرمایید.
تیم برگزاری ایران ناگ