An American cybersecurity company is selling a BlueKeep exploit as part of a penetration testing application.
The BlueKeep vulnerability, also known as CVE-2019-0708, is a Remote Desktop Protocol (RDP) security vulnerability that is present in older versions of Windows.
Microsoft released security patches for BlueKeep on 14 May and described the vulnerability as "wormable", meaning it could spread in the same way as EternalBlue, which helped drive the WannaCry ransomware outbreak.
The vulnerability has been considered extremely dangerous since it was first discovered, and Microsoft has repeatedly stressed the need to update all systems.
Even the US National Security Agency (NSA), the US Department of Homeland Security, the German cyber security agency BSI, the Australian Cyber Security Center and the UK National Cyber Security Center have issued security warnings urging users and companies to update older versions of Windows.
In the past two months, security researchers have not detected any BlueKeep exploits on the Internet.
Several security companies have managed to develop exploits for BlueKeep, but refused to release any PoC because it could be used for malicious purposes and in global attacks resembling the WannaCry attacks.
However, on Tuesday July 23, Immunity Inc. announced it has added a fully operational BlueKeep exploit within CANVAS v7.23, a penetration testing tool developed by the company.
In the past, many BlueKeep exploits have been uploaded to GitHub that could hit Windows remote systems if they had RDP open and exposed on the Internet.
Immunity's CANVAS BlueKeep module can achieve remote code execution, i.e. open a shell on infected computers.
Although CANVAS licenses cost tens of thousands of dollars, hackers are known to use pirated copies. Of course, there are others who buy their penetration testing tools legitimately (e.g. Cobalt Strike).
This is the first time a BlueKeep exploit has been released, albeit to a very limited audience. However, those who can afford it will not be few. Criminals will be able to find funding from other illegal activities, and of course there are intelligence services, in which case "there is money."
If you have not yet updated your systems, you can do so from here.