In this audio blog, Daniel Aguirre, VMware Security Engineer NSX gives us an overview of the new ransomware called WannaCry or Wanna Decryptor that is attacking Microsoft Windows computers on the Internet and within organizations through a service vulnerability SMB 1.0 reported by Microsoft in the bulletin MS17-010 since March 2017 and has been exploited through the exploit called Eternalblue to demand a rescue of the files through Bitcoins. Although it was accidentally stopped the propagation (Killswitch), already new variants of this Ransomware are observed. We will be addressing the measures recommended by VMware and how NSX helps in the detection, monitoring and blocking of malware with native tools like Endpoint Monitoring as well as integration with security partners and best practices to avoid being infected by this worm.
