This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Ransomware Alert! Bad Rabbit

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Ransomware Alert! Bad Rabbit

jdelio
L7 Applicator
‎10-24-2017 04:14 PM

Working in the security world means that, more than likely, you will have to deal with ransomware at some point in time. Now with even more changing threats, it could be a lot sooner than later.  

Don't be a victim for the Bad Rabbit.Don't be a victim for the Bad Rabbit. 

Now we have something NEW to deal with and it is called Bad Rabbit. It was discovered Tuesday, 24th of October 2017. It has been reported as affecting countries in Eastern Europe. In fact, Ukrainian CERT has issued an alert on Bad Rabbit.

 

Bad Rabbit gets into networks by posing as an Adobe Flash update. Once inside a network, it starts to spread like rabbits (pun).

This ransomware is similar to Petya/NotPetya, because it encrypts the infected hard drive.

 

Because the initial attack vector is through bogus updates, Bad Rabbit attacks can be prevented only by getting Adobe Flash updates from the Adobe web site.

 

Am I Covered?

The GOOD NEWS is that Palo Alto Networks customers are protected through our Next-Generation Security Platform, which provides prevention through automation, applied consistently across the network, endpoint and cloud. Palo Alto Networks customers are protected from Bad Rabbit ransomware through multiple complementary prevention controls across the platform.

 

Unit 42 has developed a Threat Brief with information about the threat:  
Threat Brief: Information on Bad Rabbit Ransomware Attacks

 

To read Unit 42's blog entry about this ransomware, go here:

Palo Alto Networks Protections Against Bad Rabbit Ransomware Attacks

 

For Unit42's Autofocus entry, please see:

https://autofocus.paloaltonetworks.com/#/tag/Unit42.BadRabbit

 

Live Community!

Please do not forget about the Live Community for all ransomware/threat questions or concerns. Please visit the Threat & Vulnerability Discussions on the Live Community (https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Discussions/bd-p/Threat_Discussions)

 

Thanks for taking the time to read about this ransomware.

 

Stay Secure!

Joe Delio

  • 10624 Views
  • 0 comments
  • 3 Likes
Register or Sign-in
Labels
Popular Blogs
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks