I Hope No One Here Gets Hit With This New Ransomware!
2017/05/15 16:00:42
dlesaux
I haven't seen any posts about this besides one from a few months ago. Stay safe folks! Keep your security patches up to date! I wish you all well!
2017/05/15 16:20:03
azslow3
I can add:
* keep your USB backup drives DISCONNECTED from the PC.
* do not expose your Network based backup storage as a writable shared disk.
 
Note that unlike previous incarnations, which were distributed as malware (it had to be "clicked" to become active), the latest version can be locally distributed as a virus, so it can be activated on a vulnerable system without user action. At least that is how I have understood the (I must say rather poor) description on the Internet.
The good news (if I understand the procedure correctly; I have analyzed only the previous version, but "registration of one domain name has solved future distribution" confirms that) is that the encryption code is still downloaded from the Internet. I mean even when the virus is already in the local system and now wants to activate a new system, that is not going to work. In other words, if your particular computer is not infected already, it cannot be infected by the version injected 3 days ago.
 
2017/05/15 18:06:30
abacab
This particular malware exploits a flaw that Microsoft released a patch for in the monthly rollups for supported systems in March 2017.  https://technet.microsoft...rary/security/MS17-010
 
Apparently when one system gets infected, this thing can spread by worming its way into all vulnerable systems on that network.
 
So if you installed the March updates, you should be good.  There is also a special patch available for Win XP and other recently unsupported Windows systems available from the Microsoft catalog.
 
There is evidence that in many ransomware cases such as this, the initial infection arrives as an email attachment that executes a .hta file.  This connects to a malware domain over the web, and downloads the payload.
 
So stay patched, run a good AV, and don't open any sketchy email attachments! 
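As an added example (not posted by anyone in this thread), here is a PowerShell audit that checks the three things abacab's advice comes down to on a single Windows host: whether an MS17-010 package is installed, whether SMBv1 on the server side (the service the worm exploits) is still enabled, and whether TCP 445 is allowed inbound on the Public firewall profile. The KB numbers are the MS17-010 package numbers from Microsoft's March 2017 bulletin as I recall them and are an assumption you should verify for your exact SKU; later cumulative updates supersede them, so on Windows 10 a "not found" result means "check the cumulative update level", not "unpatched". The function names are mine.

```powershell
# Added example, not from the forum thread. Run in an elevated PowerShell session.
#
# Assumption (verify against the MS17-010 bulletin for your SKU): these are the
# KB numbers of the March 2017 fix. Cumulative updates on Windows 10 / Server 2016
# supersede them, so an empty match there is not proof of exposure.
$Ms17010Kbs = @(
    'KB4012598'                              # XP, Vista, Server 2003, Windows 8, Server 2008 (out-of-band)
    'KB4012212', 'KB4012215'                 # Windows 7 / Server 2008 R2 (security-only, monthly rollup)
    'KB4012213', 'KB4012216'                 # Windows 8.1 / Server 2012 R2
    'KB4012214', 'KB4012217'                 # Server 2012
    'KB4012606', 'KB4013198', 'KB4013429'    # Windows 10 1507 / 1511 / 1607
)

function Test-Ms17010Patch {
    # Get-HotFix lists installed updates; compare against the known package IDs.
    $installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
    $hits = @($Ms17010Kbs | Where-Object { $installed -contains $_ })
    if ($hits.Count -gt 0) {
        $result = "yes: $($hits -join ', ')"
    } else {
        $result = 'not found; confirm the cumulative update level before calling this host patched'
    }
    [pscustomobject]@{ Check = 'MS17-010 package present'; Result = $result }
}

function Test-Smb1Server {
    # The worm talks to the SMBv1 *server*. The SMB cmdlets exist on Windows 8 /
    # Server 2012 and later; fall back to the LanmanServer registry key elsewhere,
    # where a missing SMB1 value means the default, i.e. enabled.
    $cfg = Get-SmbServerConfiguration -ErrorAction SilentlyContinue
    if ($null -ne $cfg) {
        $enabled = [bool]$cfg.EnableSMB1Protocol
    } else {
        $p = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' -ErrorAction SilentlyContinue
        $enabled = ($null -eq $p.SMB1) -or ($p.SMB1 -ne 0)
    }
    if ($enabled) { $result = 'ENABLED (disable it unless something genuinely needs it)' }
    else          { $result = 'disabled' }
    [pscustomobject]@{ Check = 'SMBv1 server'; Result = $result }
}

function Test-Port445Exposure {
    # Listening on 445 is normal for any file server. The risk is an enabled
    # inbound Allow rule for TCP 445 that applies to the Public profile, i.e.
    # untrusted networks, which is how the worm reaches the next victim.
    $listening = @(Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue)
    $publicRules = @(
        Get-NetFirewallPortFilter -ErrorAction SilentlyContinue |
            Where-Object { $_.Protocol -eq 'TCP' -and ($_.LocalPort -eq 'Any' -or $_.LocalPort -contains '445') } |
            Get-NetFirewallRule |
            Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
                           $_.Action -eq 'Allow' -and $_.Profile -match 'Public|Any' }
    )
    if ($listening.Count -gt 0 -and $publicRules.Count -gt 0) {
        $result = "listening, and allowed in on Public profile by: $(($publicRules.DisplayName | Select-Object -Unique) -join '; ')"
    } elseif ($listening.Count -gt 0) {
        $result = 'listening, no Public-profile allow rule found'
    } else {
        $result = 'not listening'
    }
    [pscustomobject]@{ Check = 'TCP 445 exposure'; Result = $result }
}

function Invoke-WannaCryExposureAudit {
    Test-Ms17010Patch
    Test-Smb1Server
    Test-Port445Exposure
}

Invoke-WannaCryExposureAudit | Format-Table -AutoSize

# Remediation on a host that does not need SMBv1 (most do not):
#   Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force        # Windows 8 / Server 2012 and later
#   Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol   # Windows 8.1 / 10 client feature
```

The firewall check deliberately keys on the Public profile rather than on "any rule for 445": file and printer sharing rules on the Domain or Private profile are what a home or office LAN actually uses, and the thread's advice is about not being reachable from networks you do not trust.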
2017/05/15 18:14:12
abacab
azslow3
 
The good news (if I understand the procedure correctly; I have analyzed only the previous version, but "registration of one domain name has solved future distribution" confirms that) is that the encryption code is still downloaded from the Internet. I mean even when the virus is already in the local system and now wants to activate a new system, that is not going to work. In other words, if your particular computer is not infected already, it cannot be infected by the version injected 3 days ago.
 
That was a clever hack of the "killswitch" domain.  https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack/
 
But some experts are warning that since this exploit is now "in the wild", it will be simple for the bad guys to create variants that bypass this fix used against the latest exploit.  Possibly more to come!
2017/05/15 22:01:27
kennywtelejazz
Lots of decent people can get hurt with hacks like this one that is going on ..
I hope they catch the D Bags ....
My Chromebook has been working overtime lately
 
Kenny
 
2017/05/15 23:47:31
ampfixer
Things like this are the reason you have to shut down a bunch of Win10 defaults for sharing and updating your system. I think the initial infections came through systems running XP. Of course that means big business and hospitals.
2017/05/16 01:47:39
Fleer
Get a Mac.
Edith: Macallan 1981. Nice.
2017/05/16 13:20:10
stevec
Fleer
Edith: Macallan 1981. Nice.
 
Oooh...   Macallan's 1981?  As in aged 35 years?  Nice.
2017/05/16 16:41:26
bitflipper
All you folks in the UK who may have had their surgeries cancelled due to this malware, you can thank our NSA.
 
The NSA identified the exploit years ago that allows this virus to propagate itself quickly over a LAN. But rather than notify Microsoft about it so that a defense could be patched into Windows, they elected to keep this information to themselves and use it for their own purposes.
 
The NSA then wrote software that capitalized on the exploit, presumably in order to infiltrate terrorist networks. Eventually, that software was stolen and released to the world, making it relatively easy for even technically semi-literate criminals to adapt it to their own nefarious schemes.
 
So to all you inconvenienced NHS patients, we American taxpayers say "you're welcome".
© 2025 APG vNext Commercial Version 5.1