On the morning of 27th June, a ransomware outbreak - bearing some of the characteristics of last years’ Petya malware attack – was discovered emanating from the Ukraine. The malware has since spread across Europe, the Far East and the US.
While details are still emerging, the Petya-like attack attempts to spread to other hosts using the Server Message Block (SMB) protocol by exploiting the ETERNALBLUE vulnerability (CVE-2017-0144) on Microsoft Windows systems. This vulnerability was publicly disclosed by the Shadow Brokers group in April 2017, and was addressed by Microsoft in March 2017 with the MS17-010 update.
Analysis is ongoing, but it is recommended you ensure the MS17-010 patch is installed, and unpatched Windows systems are removed from the network.