https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163556#M30 <P>want to know in which app and content release "Petya ransomware" attack is mitigated/protected. What code I should update it on to get the protection from this attack.&nbsp;</P><P>&nbsp;</P><P>As os now, we are on 698-4026 app and content code. Please suggest.</P> Wed, 28 Jun 2017 07:01:38 GMT vsingh 2017-06-28T07:01:38Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163556#M30 <P>want to know in which app and content release "Petya ransomware" attack is mitigated/protected. What code I should update it on to get the protection from this attack.&nbsp;</P><P>&nbsp;</P><P>As os now, we are on 698-4026 app and content code. Please suggest.</P> Wed, 28 Jun 2017 07:01:38 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163556#M30 vsingh 2017-06-28T07:01:38Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163665#M33 <P>If you search Petya in the Threat Vault at <A href="https://threatvault.paloaltonetworks.com/&nbsp;you" target="_blank">https://threatvault.paloaltonetworks.com/&nbsp;you</A> will find the specific content&nbsp;release for Pre or Post 7.1.</P> Wed, 28 Jun 2017 17:52:16 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163665#M33 Michael_Zook 2017-06-28T17:52:16Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163953#M35 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/10008">@vsingh</a></P><P>The below Palo Alto article gives you lots of good information on how to mitigate this threat.</P><P>&nbsp;</P><P>Also, make sure that your firewall has the following Vulnerability Protection signature enabled and applied to your security rules to prevent exploitation by the EternalBlue exploit.</P><P><A href="https://researchcenter.paloaltonetworks.com/2017/06/palo-alto-networks-protections-petya-ransomware/" target="_blank">https://researchcenter.paloaltonetworks.com/2017/06/palo-alto-networks-protections-petya-ransomware/</A><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="CVE-2017-0144.PNG" style="width: 800px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/9993i405089D97521E81D/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="CVE-2017-0144.PNG" alt="CVE-2017-0144.PNG" /></span></P><P>&nbsp;</P><P>&nbsp;As for checking the AV signatures (Hashes) for this malware, as&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/41948">@Michael_Zook</a>&nbsp;mentioned, go to &nbsp;<A href="https://threatvault.paloaltonetworks.com" target="_blank">https://threatvault.paloaltonetworks.com</A> and type the name Petya in the search box, and it will list all contents for you.</P><P>&nbsp;</P><P>I hope this helps</P> Fri, 30 Jun 2017 01:16:45 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/163953#M35 acc6d0b3610eec313831f7900fdbd235 2017-06-30T01:16:45Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/185955#M107 <P>by using which app &amp;content or antivirus code bad rabbit ransomeware attack is mitigated.</P> Wed, 08 Nov 2017 10:41:04 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/which-app-and-content-code-petya-ransomeware-attack-is-mitigated/m-p/185955#M107 vsingh 2017-11-08T10:41:04Z