BlueKeep An American company sells the exploit

An American cyber security company sells BlueKeep exploit as part of a penetration testing application.

The BlueKeep vulnerability, also known as CVE-2019-0708, is one to the Remote Desktop Protocol (RDP) service included in older versions of Windows.

Microsoft was released for the security gap BlueKeep on 14 May and described it as a "worm" that could spread in the same way that it spread EternalBlue and helped to promote his ransomware outbreak WannaCry.

BlueKeep

The vulnerability has been considered extremely dangerous since it was first discovered and Microsoft has he says repeatedly the necessity of updates in all systems.

Even the: National Security Service of (NSA), το αμερικανικό Homeland Security, Germany's BSI cyber security agency, the Australian Cyber ​​Security Center and the UK's National Cyber ​​Security Center have issued security warnings urging users and companies to update older versions of Windows.

Over the past two months, security researchers have not detected any exploit of BlueKeep online.

Several security companies, however, managed to develop exploits for BlueKeep, but declined to release a PoC because it could be used for malicious purposes, and in global attacks that would resemble WannaCry attacks.

However, on Tuesday July 23, Immunity Inc. announced it has added a fully operational BlueKeep exploit within CANVAS v7.23, a penetration testing tool developed by the company. 

In the past, many BlueKeep exploits have been uploaded to GitHub that could hit Windows remote systems if they had RDP open and exposed on the Internet.

CANVAS BlueKeep module of Immunity can achieve remote code execution ie to open a shell on infected computers.

Αν και οι άδειες χρήσης του CANVAS κοστίζουν δεκάδες χιλιάδες δολάρια δεκάδων χιλιάδων δολαρίων, οι είναι γνωστό ότι χρησιμοποιούν πειρατικά αντίγραφα. Φυσικά υπάρχουν κι άλλοι που αγοράζουν νόμιμα τα εργαλεία δοκιμών διείσδυσης (π.χ. το Cobalt Strike).

This is the first time a BlueKeep exploit has been released, albeit to a very limited audience. However, those who can afford it will not be few. Criminals will be able to find funding from other illegal activities, and of course there are intelligence services, in which case "there is money."

If you have not yet updated your systems, you can do so from here.

______________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).