5 matches found
Conti Ransomware
Conti is a sophisticated Ransomware-as-a-Service RaaS model first detected in December 2019. Since its inception, its use has grown rapidly and has even displaced the use of other RaaS tools like Ryuk. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigati...
Petya expands its scope: A global ransomware threat
Ransomware remains a formidable threat for individual users and businesses alike, particularly as new sample families continue to be discovered by security researchers. What makes ransomware so dangerous is the fact that victims are denied access to their most important files and data - a problem...
Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines
Many digital trees have died for the cause of informing Windows admins about the SMBv1 vulnerability that spawned the WannaCry and ExPetr/NotPetya malware attacks. Yet a relatively small sample of data collected from a freely available tool shows that thousands have not gotten the message, or hav...
SMB Exploited: WannaCry Use of EternalBlue
Server Message Block SMB is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services. SMB operates over TCP ports 139 and 445. In April 2017, Shadow Brokers released an SMB vulnerability named...
EternalBlue: Metasploit Module for MS17-010
This week's release of Metasploit includes a scanner and exploit module for the EternalBlue vulnerability, which made headlines a couple of weeks ago when hacking group, the Shadow Brokers, disclosed a trove of alleged NSA exploits. Included among them, EternalBlue, exploits MS17-010, a Windows S...