SentinelOne vs WannaCry

SentinelOne successfully detects and block this ransomware strain. No update is needed.

WannaCry does not seem to be the end of these threats. Attackers can use these same exploits to not only lock up data to demand ransom but also to steal employee credentials to exfiltrate other sensitive information (think of this as a two-for-one attack – advanced threat combined with ransomware). Worse yet, as seen in this particular case, attackers can bypass traditional and next-generation security measures, including hundreds of intelligence, feeds. Further, security researchers who’ve tested security tools claim that these threats bypass 99% of security tools out there and we’re likely sitting with thousands and more computers infected across several industries. Buyers are asking to validate the effectiveness of various traditional and next-generation endpoint security suites against the EternalBlue and Doublepulsar exploits/backdoor. These threats were unearthed by “The Shadow Brokers” hacking group and are said to have been used by the NSA-linked Equation Group to launch cyber-attacks. The EternalBlue exploit received recent worldwide attention due to the WannaCry outbreak that used this exploit to infect over 230,000 machines in over 150 countries. WannaCry does not seem to be the end of these threats. Attackers can use these same exploits to not only lock up data to demand ransom but also to steal employee credentials to exfiltrate other sensitive information (think of this as a two-for-one attack – advanced threat combined with ransomware). Worse yet, as seen in this particular case, attackers can bypass traditional and next-generation security measures, including hundreds of intelligence, feeds. Further, security researchers who’ve tested security tools claim that these threats bypass 99% of security tools out there and we’re likely sitting with thousands and more computers infected across several industries.

Another interesting aspect is the tactics used by WannaCry to other capabilities that may be exploited in the future. For instance, WannaCry is a strain of Windows ransomware that took advantage of the EternalBlue exploit along with a file-based payload. However, the EternalBlue exploit could easily be used with fileless (in-memory) malware that can completely work around the defenses of solutions that miss the exploit or focus on file-based detection. This methodology is discussed in the blog and was also used in the wild by another ransomware family dubbed UIWIX. In other words, customers without holistic protection will leave themselves exposed to another WannaCry-like attack in the future. So look at your security vendors carefully. To learn more about how SentinelOne can help, check out our Endpoint Protection Platform or contact us for a free demo.

Lesen youtubevideos

SentinelOne vs WannaCry

youtubevideos

Verwandte Ressourcen

youtubevideos

Ask Me Anything | MITRE ATT&CK Round 2 Results 2020

Jetzt beobachten

Webinar

Threat Briefing: First Quarter 2026

The gap between "theoretical security" and "operational reality" has never been wider. While industry headlines focus on saturated benchmarks and "state-of-the-art" claims, real-world defenders are navigating a landscape of shifting geopolitical tensions, novel attack vectors, and the messy complexity of multi-vendor environments. Join our panel of researchers and industry experts for a 45-minute deep dive into: Macro Intelligence: A geopolitical overview of current campaigns and how global shifts impact your organization’s risk profile and internal messaging. Regional Adversary Analysis: Nuanced breakdowns of the specific TTPs hitting your region. The Defensive Playbook: Practical, authoritative recommendations for hardening your environment and shifting from reactive patching to proactive, intelligence-led hunting.

Jetzt beobachten

Webinar

Three Attacks, Three Weeks: A Technical Autopsy of the AI Supply Chain Crisis

In a three-week span in the spring of 2026, the security landscape shifted. Three distinct threat actors, including a North Korean state-sponsored operator launched Tier-1 supply chain attacks against widely trusted software: LiteLLM (AI infrastructure), Axios (the most downloaded JavaScript HTTP client), and CPU-Z (a trusted system utility). No perimeter was breached. The attack arrived through trusted software organizations had already approved. This is the attack vector boards need to understand: sophisticated adversaries are targeting dependencies, not defenses. Trusted software is now the weapon. The board-level question that follows is: what is our maximum probable loss if a dependency in our build pipeline is weaponized against us? Most organizations cannot answer that today.

Jetzt beobachten

Webinar

AI vs. AI The New Battleground for Enterprise Security

In this webinar, SentinelOne Principal Evangelist Chris Hosking explores real-world case studies of AI-enabled attacks in the wild, the growing risks of AI sprawl inside your organization, and the emerging adversarial threat landscape targeting AI systems directly. Then, see how Autonomous Security Intelligence fights back . From behavioral AI that stopped the LiteLLM zero-day in under 44 seconds to technique-level detection that requires zero hashes, discover what it looks like when security operates at the same speed, scale, and intelligence as the threats it faces. AI for security. Security for AI. This is the new operating advantage.

Jetzt beobachten