Windows 'BlueeKeep' Vulnerability Being Exploited for Remote Attacks: Report
Just months after the The states National Security Agency (NSA) advised Microsoft Windows users to update their systems to mitigate the critical BlueKeep vulnerability (Microsoft Windows RDP CVE 2019-0708), reports propose that the problems is already being exploited in the wild by hackers to carry out 'devastating' attacks that are rendering computer networks in several countries virtually unusable.
Believed to have been outset reported by cyber-security researcher, Kevin Beaumont, the BlueKeep campaign is obviously being carried out at least over the past two weeks. Beaumont's discovery was confirmed by Marcus Hutchins, the British security researcher known for temporarily stopping the WannaCry ransomware outbreak in 2017 and who now, works for cyber-security business firm, Kryptos Logic.
huh, the EternalPot RDP honeypots have all started BSOD'ing recently. They merely betrayal port 3389. pic.twitter.com/VdiKoqAwkr
— Kevin Beaumont (@GossiTheDog) November 2, 2019
According to Hutchins, the shellcode of the BlueKeep exploit attempts in the wild matches with that of the shellcode in the proof-of-concept BlueKeep module released by the Metasploit pen-testing team earlier this year. While other security researchers had deleted the all-important exploit code before releasing their demo modules, Metasploit's version was advanced plenty for remote code execution, which is why information technology is now being exploited by criminals.
In case y'all don't know information technology already, BlueKeep is a vulnerability in the Remote Desktop Protocol (RDP) service in older versions of the Windows operating arrangement (Windows XP, Windows 2003, Windows 7, Windows Server 2008 and Windows Server 2008 R2), and was patched back in the May 2019, following warnings nigh a possible attack exploiting the potent metasploit module.
Microsoft warned users and system administrators to employ the patches as soon equally possible, merely not everyone obviously paid heed. Thankfully, even so, the accomplish and scale of these attacks are nowhere virtually what one saw with EternalBlue, the exploit at the heart of the notorious WannaCry, NotPetya and Bad Rabbit ransomware outbreaks of 2017.
Source: https://beebom.com/windows-bluekeep-vulnerability/
Posted by: pettiesblecliked1962.blogspot.com
0 Response to "Windows 'BlueeKeep' Vulnerability Being Exploited for Remote Attacks: Report"
Post a Comment