6 matches found
USB-based Wormable Malware Targets Windows Installer
Credit: Red Canary Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Researchers at...
Q&A: Insights from the Red Canary 2020 Threat Detection Report
In light of the latest update to the MITRE ATT&CK framework, Red Canary has developed a Threat Detection Report uncovering the top techniques attackers use to target your organization. To understand the significance of the report, we turned to two of VMware Carbon Black’s top threat experts, Greg...
Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!
Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically. The vulnerability, track...
This Week in Security News: Gray Alerts and Wormable Malware
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the new wormable malware that’s dropping a Monero miner in web servers, networks and removable drivers. Also, read about the bes...
Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security
On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know as WannaCrypt, which targeted a large number of...
Wanna Cry Again? NSA’s Windows 'EsteemAudit' RDP Exploit Remains Unpatched
Brace yourselves for a possible 'second wave' of massive global cyber attack, as SMB Server Message Block was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers dump last month. Although Microsoft released patches for SMB flaws for supported...