These are quick first looks and trend and threats


Read More >>
Written by the security and AV professionals from team K7, meant for the general audience
Read More >>
These are usually articles that go into internals of a virus or deal with security issues
Read More >>
Senior managers speak on areas of interest to them, inside and outside the industry
Read More >>

Petya or NotPetya, We’re Gonna Get Ya

In our last blog we assured users of K7 Security products that they are protected against the destructive Petya ransomware. The good news is that we’ve just tightened the noose even further! Now, not only Petya but also other malware which may exhibit similar modus operandi are going to be robustly and proactively blocked. This is an effort to safeguard our users from any such ransomware attacks in future.

Let’s have a gander through what we have done:

  • Blocking the Petya ransomware at the very early stages, even before it enters a computer by including an IDS signature to block all currently known versions of EternalBlue type packets attempting to exploit MS17-010.

  • In order to tackle a situation where a malware like Petya attempts to affect the boot area, we have reinforced a protection rule in our security products to block unauthorized writes to the Master Boot Record (MBR).

  • Last but not least, we tweaked our “Ransomware Protection” logic to block the encryption procedure peculiar to Petya.

As always, we at K7 Engineering focus on complete protection at multiple layers for our users so as to safeguard them from any (new) malware occurrences.

K7 Engineering

If you wish to subscribe to our blog, please add the URL provided below to your blog reader: http://blog.k7computing.com/feed

Leave a Reply