Search the Community
Showing results for tags 'wannacry'.
The WannaCry ransomware attack has been a topic of much discussion in the last few days - and a source of much consternation for system administrators. One of the attack vectors used by WannaCry to spread is a vulnerability in the SMBv1 protocol commonly included with Windows operating systems. This embedded PowerShell datasource reaches out to Windows devices in a LogicMonitor account, and runs the "Get-SMBServerConfiguration" command (available only in Windows Server 2012 and newer) to see if SMBv1 is enabled, and if it is, it will generate a Warning alert for that device (caveat: SMBv1