CounterACT is NOT Vulnerable to this Malware. We provide a mitigation via the use of Security Policy Template
On Oct 24th, ESET reported outbreak of new ransomware infections spreading globally through many countries around the world. US-CERT has escalated this and confirmed this as a suspected variant of Petya. Bad Rabbit is ransomware—malicious software that infects a computer and restricts user access to the infected machine until a ransom is paid to unlock it.
Security Policy Templates, version 184.108.40.2066 is available. This release contains the new policy template to address the Bad Rabbit infestation. In addition, it also includes the templates for IoT Reaper and WPA2 KRACK vulnerabilities that were released in Security Policy Template v17.0.10.
Policies created with the “Bad Rabbit” template evaluates whether the endpoints in the policy scope are vulnerable to Bad Rabbit ransomware. Endpoints not yet infected can be “vaccinated” by running a VBS script on the endpoint that creates a file which prevents infection.
THIS ALERT IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. THE USE OF THE INFORMATION IN THIS ALERT OR MATERIALS LINKED FROM THIS ALERT ARE AT YOUR OWN RISK. FORESCOUT RESERVES THE RIGHT TO CHANGE OR UPDATE THIS ALERT AT ANY TIME AT FORESCOUT’S SOLE DISCRECTION
ForeScout Confidential and Proprietary
This Alert contains ForeScout proprietary and confidential information and is subject to your confidentiality obligations to ForeScout. This Alert is not meant for general dissemination and may only be used by the rend-customer in connection with the products and/or services reflected in this Alert. Any unauthorized use, dissemination, or the like of this Alert in whole or in part is strictly prohibited.