Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep
Fears of a WannaCry-level global attack grow as working exploit info starts to go public. Continue reading Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep
Category Archives: bluekeep
BlueKeep guides make imminent public exploit more likely
A public exploit for Microsoft’s BlueKeep vulnerability is just days away. In fact, for those with deep pockets, it’s already here. Continue reading BlueKeep guides make imminent public exploit more likely
Is BlueKeep a Perfect Storm for Health Care?
On May 14, Microsoft published an advisory for a newly discovered remote code execution vulnerability. Given the identifier CVE-2019-0708, the vulnerability has been more popularly named “BlueKeep.” According to the advisory, BlueKeep has … Continue reading Is BlueKeep a Perfect Storm for Health Care?
Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
Two months after the alarm sounded warning of a WannaCry-level event, progress in patching exposed Windows systems varies by country and industry. Continue reading Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
More than 805,000 systems are still exposed to BlueKeep, study finds
Since May, security researchers have been sounding the alarm about the “BlueKeep” vulnerability in old Microsoft Windows operating systems. There has been a large movement to get users to patch for the flaw, which could be exploited at scale. Data released Wednesday by cybersecurity company BitSight Technologies shows a mixed report card on how well organizations have closed that security hole. First, the bad news: as of July 2, more than 805,000 operating systems that are online are still vulnerable to BlueKeep, the Boston-based company said. That leaves a broad potential attack surface for someone who exploits the vulnerability. BlueKeep is “wormable,” meaning the malware could infect systems as it finds its own ways to move from network to network. By abusing the remote access granted by Remote Desktop Services, a Windows program, a hacker could delete data or install a new program on a system. “We are really trying […]
The post More than 805,000 systems are still exposed to BlueKeep, study finds appeared first on CyberScoop.
Continue reading More than 805,000 systems are still exposed to BlueKeep, study finds
From exploits to honeypots: How the security community is preparing for BlueKeep’s moment of truth
Two years after the WannaCry ransomware wreaked havoc on the internet, security professionals are having a grim case of déjà-vu. They’ve tallied the internet-facing computers that aren’t patched for BlueKeep, a vulnerability in old Microsoft Windows operating systems, and wonder when that negligence will come home to roost. “I think everyone is in agreement that once exploits for this are public, it’s going to be bad,” Craig Williams, Cisco Talos’ director of outreach, told CyberScoop. The BlueKeep vulnerability is in Remote Desktop Services, a popular Windows program that grants remote access to computers for administrative purposes. By abusing that remote access, a hacker could delete data or install a new program on a system. “Every CISO right now should have a plan already written down to deal with BlueKeep once the exploit starts surfacing,” Williams said. Organizations need layered defenses so that any BlueKeep-based infection “doesn’t spread like wildfire behind what you […]
The post From exploits to honeypots: How the security community is preparing for BlueKeep’s moment of truth appeared first on CyberScoop.
RDP BlueKeep exploit shows why you really, really need to patch
A video of the exploit shows CVE-2019-0708 being exploited remotely, without authentication. Continue reading RDP BlueKeep exploit shows why you really, really need to patch
Working BlueKeep Exploit Developed by DHS
The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000. Continue reading Working BlueKeep Exploit Developed by DHS
After remote-code test, DHS sounds the alarm on BlueKeep
The Department of Homeland Security has added its voice to a chorus of government and corporate cybersecurity professionals urging users to patch their systems for BlueKeep, a critical vulnerability recently reported in old Microsoft Windows operating systems. DHS’s Cybersecurity and Infrastructure Security Agency said Monday said it had used the BlueKeep vulnerability to execute remote code on a test machine operating Windows 2000. The agency released an advisory reiterating that, like the famed WannaCry ransomware, BlueKeep is “wormable,” in that malware exploiting the vulnerability could spread to other systems. The BlueKeep vulnerability, for which Microsoft published an advisory on May 14, could allow a hacker to abuse the popular Remote Desktop Protocol, which grants remote access to computers for administrative purposes, to delete data or install new programs on a system. When it was disclosed, security experts immediately warned of BlueKeep’s severity, and as of last week, close to 1 million internet-exposed machines were still vulnerable […]
The post After remote-code test, DHS sounds the alarm on BlueKeep appeared first on CyberScoop.
Continue reading After remote-code test, DHS sounds the alarm on BlueKeep
NSA sounds the alarm on BlueKeep: Windows vulnerability opens the door for the next WannaCry
It’s been just over two years since WannaCry, the ransomware that exploited the EternalBlue vulnerability to infect hundreds of thousands of computers around the world and inflict an estimated $8B in damages. If history repeats itself, we’r… Continue reading NSA sounds the alarm on BlueKeep: Windows vulnerability opens the door for the next WannaCry