EternalBlue – Page 6 – WindowsTechs.com

Meet the French researcher the Shadow Brokers keep calling out

Posted on November 2, 2017 by Chris Bing

The Shadow Brokers appear to be obsessed with Matthieu Suiche. A bevy of security researchers have spent time studying the mysterious group of hackers best known for leaking a cache of National Security Agency hacking tools. But Suiche is one of few analysts to have been called out by the Shadow Brokers multiple times, with the acknowledgement straddling the line between begrudging respect and reverent admiration. No one, even Suiche, understands why. A 29-year-old French security researcher and entrepreneur, Suiche is one of the foremost experts when it comes to the peculiar group. In an effort to understand why and who The Shadow Brokers — an entity still at the center of an expansive federal counterintelligence investigation — are so enamored by his work, it’s important to understand how Suiche’s background led to this point in time. In late July, Suiche spoke at the large Vegas-based cybersecurity conference known as BlackHat about […]

The post Meet the French researcher the Shadow Brokers keep calling out appeared first on Cyberscoop.

Continue reading Meet the French researcher the Shadow Brokers keep calling out→

Leaked NSA tools were once again used in a global ransomware attack

Posted on October 27, 2017 by Chris Bing

Another global ransomware outbreak was powered with a leaked, fully operational NSA hacking tool that had been released by The Shadow Brokers, according to researchers with cybersecurity firms Cisco Talos, IB Group and Symantec. The latest international ransomware incident occurred on Tuesday and primarily affected computers in Ukraine and Russia. Analysts studying malware samples connected to this event, dubbed “BadRabbit,” found Thursday that the carefully prepared attack contained an exploit known as “EternalRomance.” Update: Talos has identified an eternal romance component and more! https://t.co/H4BAi4wRhE — Craig Williams (@security_craig) October 26, 2017 Some researchers say the BadRabbit operation had been planned for months, dating back perhaps to as far as Feb. 2017, according to FireEye, or July 2017, based on digital evidence found by Kaspersky Lab. It appears the attackers behind #Badrabbit have been busy setting up their infection network on hacked sites since at least July 2017. pic.twitter.com/fV5U1FeVtR — Costin Raiu […]

The post Leaked NSA tools were once again used in a global ransomware attack appeared first on Cyberscoop.

Continue reading Leaked NSA tools were once again used in a global ransomware attack→

EternalRomance Exploit Found in Bad Rabbit Ransomware

Posted on October 26, 2017 by Michael Mimoso

Researchers at Cisco found a modified version of the leaked NSA exploit EternalRomance in this week’s Bad Rabbit attack. Continue reading EternalRomance Exploit Found in Bad Rabbit Ransomware→

Bad Rabbit Linked to ExPetr/Not Petya Attacks

Posted on October 25, 2017 by Michael Mimoso

Researchers have linked the Bad Rabbit ransomware attack to this summer’s ExPetr/Not Petya outbreak. Continue reading Bad Rabbit Linked to ExPetr/Not Petya Attacks→

Microsoft Patches Office Bug Actively Being Exploited

Posted on October 10, 2017 by Tom Spring

Microsoft’s Patch Tuesday security bulletin includes 62 fixes for vulnerabilities tied to Office, SBM1 and the Windows DNS client. Continue reading Microsoft Patches Office Bug Actively Being Exploited→

Microsoft Patches Office Bug Actively Being Exploited

Posted on October 10, 2017 by Tom Spring

The leaked NSA hacking tools keep showing up in criminal schemes

Posted on September 25, 2017 by Chris Bing

A hacking tool linked to the NSA continues to be used by cybercriminals in efforts to remotely steal money and confidential information from online banking users, according to research conducted by U.S. cybersecurity firm Proofpoint. In a recent blogpost by company researchers, Proofpoint said it had discovered two different banking trojans in the wild with computer code taken from a now publicly available exploit known as “EternalBlue,” or CVE-2017-0144. EternalBlue is believed to have been used by the NSA to gather intelligence. Originally leaked in April, the exploit works by targeting a dated vulnerability in Microsoft’s Server Message Block protocol. The vulnerability affects outdated versions of several different Microsoft operating systems. Microsoft already released a patch to fix the issue. In practice, EternalBlue will allow a hacker to quickly compromise multiple computers on a shared network as long as they are all similarly running dated software. “Patching Windows can take a […]

The post The leaked NSA hacking tools keep showing up in criminal schemes appeared first on Cyberscoop.

Continue reading The leaked NSA hacking tools keep showing up in criminal schemes→

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

Posted on September 22, 2017 by Tom Spring

Banking Trojan Retefe is adopting new WannaCry tricks, adding an EternalBlue module to propagate the malware. Continue reading EternalBlue Exploit Used in Retefe Banking Trojan Campaign→

Fancy Bear bites hotel networks as EternalBlue mystery deepens

Posted on August 15, 2017 by John E Dunn

The attack, presumably to spy on high-value hotel guests, is textbook Fancy Bear, say researchers Continue reading Fancy Bear bites hotel networks as EternalBlue mystery deepens→

APT28, Gmail, Game of Thrones leak, and WannaCry – Hack Naked News #136

Posted on August 15, 2017 by Paul Asadoorian

Allowing terrible passwords, four arrested in Game of Thrones leak, using EternalBlue to attack hotel guests, and more. Don Pezet of ITProTV joins us to deliver expert commentary on this episode of Hack Naked News! News Too many big online brands allow terrible passwords – Dashlane, a company providing secure authentication mind you, has evaluated the […]

The post APT28, Gmail, Game of Thrones leak, and WannaCry – Hack Naked News #136 appeared first on Security Weekly.

Continue reading APT28, Gmail, Game of Thrones leak, and WannaCry – Hack Naked News #136→