EternalBlue – Page 9 – WindowsTechs.com

Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability

Posted on June 12, 2017 by Michael Mimoso

Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency. Continue reading Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability→

Threatpost News Wrap, June 9, 2017

Posted on June 9, 2017 by Chris Brook

How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed. Continue reading Threatpost News Wrap, June 9, 2017→

Windows 10 Mitigations Make Future EternalBlue Attacks Difficult

Posted on June 7, 2017 by Michael Mimoso

Now that researchers have built a port of EternalBlue to Windows 10, they’ve probably only now caught up to what the NSA has had for a long while. Continue reading Windows 10 Mitigations Make Future EternalBlue Attacks Difficult→

NSA’s EternalBlue Exploit Ported to Windows 10

Posted on June 6, 2017 by Michael Mimoso

Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack. Continue reading NSA’s EternalBlue Exploit Ported to Windows 10→

Software vulnerabilities used to spread WannaCry are favorites for hackers, FireEye says

Posted on June 2, 2017 by Chris Bing

The same Microsoft Windows’ software vulnerabilities that allowed the WannaCry ransomware to spread globally are now being used by a wide array of hackers to infect computers with remote access trojans, according to new research by U.S. cybersecurity firm FireEye. The research serves to show just how widespread the use of “EternalBlue,” otherwise known as the MS017-010 exploit, continues to be. Although Microsoft previously issued several different software security updates for older versions of Windows, many computers remain unpatched and therefore vulnerable. The addition of the EternalBlue exploit to Metasploit, software made for penetration testing but which is also used for illegal hacking, “has made it easy for threat actors to exploit these vulnerabilities,” a FireEye blog post reads. “In the coming weeks and months, we expect to see more attackers leveraging these vulnerabilities and to spread such infections with different payloads,” the post says. According to FireEye researchers, well-known malware payloads like […]

The post Software vulnerabilities used to spread WannaCry are favorites for hackers, FireEye says appeared first on Cyberscoop.

Continue reading Software vulnerabilities used to spread WannaCry are favorites for hackers, FireEye says→

EternalBlue Exploit Spreading Gh0st RAT, Nitol

Posted on June 2, 2017 by Tom Spring

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT. Continue reading EternalBlue Exploit Spreading Gh0st RAT, Nitol→

WannaCry Development Errors Enable File Recovery

Posted on June 1, 2017 by Michael Mimoso

Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins. Continue reading WannaCry Development Errors Enable File Recovery→

Windows XP Too Unstable To Spread WannaCry

Posted on June 1, 2017 by Darknet

Not a super serious article this one, but I found it very entertaining – apparently, Windows XP has a BSOD (Blue Screen of Death) when faced with a WannaCry infection. There’s a very extension analysis of WannaCry here where this information comes from WannaCry: Two Weeks and 16 Million Averted Ransoms Later. Yes, WannaCrypt can […]

The…

Read the full post at darknet.org.uk

Continue reading Windows XP Too Unstable To Spread WannaCry→

Shadow Brokers double down on zero-day subscription service

Posted on May 30, 2017 by Bill Brenner

Should you dive in and help with the crowdfunding move to access the data they claim they have? It’s not what we’d advise – but what do you think? Continue reading Shadow Brokers double down on zero-day subscription service→

The leaked NSA hacking tool that will wreak havoc for years to come

Posted on May 24, 2017 by Chris Bing

A powerful hacking tool original used by the National Security Agency and subsequently leaked in April by the Shadow Brokers will give defenders problems for years to come as hackers continue to adopt and repurpose the malicious computer code, experts and former U.S. intelligence officials tell CyberScoop. The tool, codenamed EternalBlue, effectively leverages two different coding flaws in older versions of Microsoft Windows to propagate malware on a targeted computer network. In practice, this exploit breaks a network file sharing protocol known as the server message block, or SMB. Although Microsoft promptly released several software updates for affected versions of Windows in March, and then again most recently in May, millions of systems remain unpatched and therefore vulnerable to hackers using EternalBlue. Experts believe that the high-quality exploit will be used in the coming years by both amateurish hackers and sophisticated threat actors to steal information. “EternalBlue will exist and […]

The post The leaked NSA hacking tool that will wreak havoc for years to come appeared first on Cyberscoop.

Continue reading The leaked NSA hacking tool that will wreak havoc for years to come→