worms

a self-spreading type of malware which automatically executes its payload

IoCs

• known malicious files
• downloads of additional components
• Command and Control C&C traffic
• known malicious IP contact
• malicious use of system commands
• hands-on-keyboard attacker activity

Defences

• firewalls
• Intrusion Prevention Systems (IPS)
• network segmentation
• patching
• good service configuration
• anti-malware
• Endpoint Detection and Response (EDR)