110 matches found
Wormable, Unpatched Microsoft Bug Threatens Corporate LANs
UPDATE Microsoft released an emergency out-of-band patch to fix an SMBv3 wormable bug on Thursday that leaked earlier this week. The patch for the vulnerability, tracked as CVE-2020-0796, is now rolling out to Windows 10 and Windows Server 2019 systems worldwide, according to Microsoft. On...
Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed
Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol. It appears...
BlueKeep Attacks Observed Months after Initial Release
The BlueKeep vulnerability, initially released in May 2019, is currently being exploited in the wild. Cybersecurity researchers have spotted initial attacks on the BlueKeep RDP vulnerability. Here's a reminder about BlueKeep and instructions for using Qualys to identify attacks and remediate this...
Targeted Ransomware Attacks Hit Several Spanish Companies
Everis, one of the largest IT consulting companies in Spain, suffered a targeted ransomware attack on Monday, forcing the company to shut down all its computer systems until the issue gets resolved completely. Ransomware is a computer virus that encrypts files on an infected system until a ransom...
The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue
Update 11/04/2019: There have been several public reports of active exploitation of CVE-2019-0708, commonly referred to as “BlueKeep.” Preliminary reports indicate that the vulnerability is being exploited by adversaries who are leveraging access to compromised systems to install cryptocurrency...
First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for ...
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, Windows Server 2016, Windows...
Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List
Microsoft’s August Patch Tuesday release contains updates for 93 CVEs, including 29 that are rated critical in severity. The highest priority of these include four critical remote code-execution (RCE) vulnerabilities in Remote Desktop Services (RDS) and a critical RCE flaw in Microsoft Word. Also, tw...
4 New BlueKeep-like 'Wormable' Windows Remote Desktop Flaws Discovered
If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to th...
Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)
Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that a...
CVE-2019-1181
creationtimestamp | type | source
---|---|---
2019-08-13 05:00:00+00:00 | seen | https://msrc.microsoft.com/blog/2019/08/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/
2019-08-13 23:12:13+00:00 | seen | https://t.me/cybershit/558
2019-08-14 04:00:00+00:00 | seen | ...
CVE-2019-1182
creationtimestamp | type | source
---|---|---
2019-08-13 05:00:00+00:00 | seen | https://msrc.microsoft.com/blog/2019/08/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/
2019-08-13 23:12:13+00:00 | seen | https://t.me/cybershit/558
2019-08-14 04:00:00+00:00 | seen | ...
Threat Source newsletter (June 20, 2019)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. This week, we disclosed two vulnerabilities in KCodes’ NetUSB kernel module that could allow an attacker to inappropriatel...
Working BlueKeep Exploit Developed by DHS
The Department of Homeland Security has confirmed it has developed a working exploit for the “wormable” BlueKeep vulnerability. The agency issued an alert on Monday urging Windows users to update their machines as soon as possible. The alert heightens concerns that malicious actors could soon als...
Microsoft Operating Systems BlueKeep Vulnerability
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pac...
This Week in Security News: Gray Alerts and Wormable Malware
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the new wormable malware that’s dropping a Monero miner in web servers, networks and removable drivers. Also, read about the bes...
BlueKeep 'Mega-Worm' Looms as Fresh PoC Shows Full System Takeover
A researcher has created a proof-of-concept Metasploit module for the critical BlueKeep vulnerability, which successfully demonstrates how to achieve complete takeover of a target Windows machine. Reverse engineer Zǝɹosum0x0 tweeted about his success on Tuesday, noting that he plans to keep the...