Wanna Decryptor, also known as WannaCry, Wannacrypt, WNCRY, and Wanna Decryptor 2.0 is a ransomware attack affecting countries and organizations globally.
We've compiled the following resources to help you take immediate action to prepare for and defend against the “ransomworm.” This page will continue to be updated as more information and resources become available.
[WEBCAST: WEDNESDAY, MAY 17 2PM ET / 11AM PT] Wanna Decryptor (WNCRY) Ransomware Explained
Join Tas Giakouminakis, Rapid7's Co-Founder and CTO, and Bob Rudis, Rapid7's Chief Security Data Scientist as they take us through the recent Ransomware disclosure, "WannaCrypt"/"WannaCry" and open the floor for a live Q&A.
[BLOG] Wanna Decryptor (WNCRY) Ransomware Explained
What is involved in the attack, what weakness(es) and systems does it exploit, and what can you do to prevent or recover from this attack? Get the details and learn how to mitigate the impact from future attacks.
[BLOG] Scanning and Remediating WannaCry in InsightVM and Nexpose
Read this post for a step-by-step guide on using InsightVM to scan your network for WannaCry vulnerabilities.
[PODCAST] Security Nation Episode 26: WannaCry Ransomware Explained
On this special edition of Security Nation, host Kyle Flaherty sits down with Josh Feinblum, VP of Information Security at Rapid7, to break down the noise and discuss what happened, what is still happening now, why folks need to take this seriously, and the personal decision that is paying the ransom.
[BLOG] Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)
It's not all about indicators of compromose (IOCs). Learn what threat intelligence approaches you can take to deal with WannaCry and prepare yourself for the future.
[PRESENTATION TEMPLATE] CISOs Guide to Communicating WNCRY
Download this editable presentation to help communicate WannaCry to your company and stakeholders.
Preventing and Detecting Ransomware Attacks
Ransomware is malicious software which covertly encrypts your files – preventing you from accessing them – then demands payment for their safe recovery. Like most tactics employed in cyberattacks, ransomware attacks can occur after clicking on a phishing link or visiting a compromised website.
[PODCAST] Understanding Ransomware
The swift rise of ransomware has led many companies to evaluate the risk it presents to their business. In this episode, host Kyle Flaherty explores some of the more common concerns around this attack vector and discusses with Tod Beardsley, Rapid7 security research manager, and returning guest Wade Woolwine.
[VIDEO] Whiteboard Wednesday: Server Ransomware
Watch this week’s Whiteboard Wednesday to learn more about how attackers are using open MongoDB, CouchDB, and Elasticsearch servers, and then check out Bob’s blog post for more on “The Ransomware Chronicles: A DevOps Survival Guide.”
[ON-DEMAND WEBCAST] Ransomware: Don't Believe the Hype of Vendors
In this webcast, learn about snake oil sales techniques around ransomware, the best ways to protect your organization from this threat, disaster recovery processes to have in place, and more.