https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026951#M42737 <P>Hi Cisco Support!</P> <P></P> <P>May we know if Sourcefire can now block the latest trends Petya Ransomeware? What is the latest VDB/signature update on IPS?</P> <P></P> <P>Thanks!</P> Sun, 10 Mar 2019 13:52:15 GMT ccg-security 2019-03-10T13:52:15Z https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026951#M42737 <P>Hi Cisco Support!</P> <P></P> <P>May we know if Sourcefire can now block the latest trends Petya Ransomeware? What is the latest VDB/signature update on IPS?</P> <P></P> <P>Thanks!</P> Sun, 10 Mar 2019 13:52:15 GMT https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026951#M42737 ccg-security 2019-03-10T13:52:15Z https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026952#M42738 <H3 class="post-title entry-title" itemprop="name"><A href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">New Ransomware Variant "Nyetya" Compromises Systems Worldwide</A></H3> Wed, 28 Jun 2017 05:39:06 GMT https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026952#M42738 Leo Laohoo 2017-06-28T05:39:06Z https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026953#M42739 <P>As noted in the TALOS blog Leo linked - yes NGFW/NGIPS will prevent the compromise (assuming it is setup correctly).</P> <P>The same Snort Rule Update <SPAN>(released back in April)&nbsp;</SPAN>that covered Microsoft's MS17-010 blocks the CnC traffic.</P> <P>The incoming infection can be blocked by AMP if you have it licensed and a file protection policy in place.</P> Wed, 28 Jun 2017 10:31:07 GMT https://community.cisco.com/t5/network-security/sourcefire-petya-ransomeware/m-p/3026953#M42739 Marvin Rhoads 2017-06-28T10:31:07Z