Anyone knows if dharma ransomware and variants still depends or uses Microsoft's vulnerability on Windows SMB Server?
(Security Update for Microsoft Windows SMB Server 4013389)
Since "wannacry" attacks, I saw that all efforts to minimize the ransomware/all-variants are trying to detect before file encryption. Great effort of course but useless if you alredy have encrypted files.
With this in mind the only way to solve the problem is reinstalling the SO and backups, that's correct?
Edited by aoluggo, 24 May 2018 - 02:44 PM.