Please review the following article, and there is enough information here to possibly develop a snort rule for it.
https://www.theverge.com/2017/6/27/15883110/petya-notpetya-ransomware-software-update-wannacry-exploit
Please provide your thoughts, comment, etc , on creating IDS rules for this!
Leave a Reply
You must be logged in to post a comment.