A US cyber security company is selling the BlueKeep exploit as part of a penetration testing application.
The BlueKeep vulnerability, also known as CVE-2019-0708, is a security flaw in the Remote Desktop Protocol (RDP) service included in older versions of Windows.
Microsoft released security patches for BlueKeep on 14 May and described it as "wormable", able to spread in the same way that EternalBlue spread and helped drive the WannaCry ransomware outbreak.
The vulnerability has been considered extremely dangerous since it was first discovered, and Microsoft has repeatedly stressed the need to update all systems.
Even the US National Security Agency (NSA), the US Department of Homeland Security, the German BSI Cyber Security Service, the Australian Cyber Security Center, and the UK's National Cyber Security Center have issued security warnings that encourage users and companies to update earlier versions of Windows.
Over the past two months, security researchers have not detected any exploit of BlueKeep online.
Several security companies, however, managed to develop exploits for BlueKeep but declined to release a PoC because it could be used for malicious purposes and in global attacks resembling WannaCry.
However, on Tuesday July 23, Immunity Inc. announced it has added a fully operational BlueKeep exploit within CANVAS v7.23, a penetration testing tool developed by the company.
In the past, many BlueKeep exploits have been uploaded to GitHub that could hit remote Windows systems if they had RDP open and exposed on the Internet.
Immunity's CANVAS BlueKeep module can achieve remote code execution, i.e. open a shell on infected computers.
Although CANVAS licenses cost tens of thousands of dollars, hackers have been known to use pirated copies. Of course there are others who legitimately purchase penetration testing tools (e.g. Cobalt Strike).
This is the first time a BlueKeep exploit has been released, albeit to a very limited audience. However, those who can afford the cost will not be few. Criminals will be able to find funding from other illegal activities, and of course there are also the intelligence services, for which, in this case, "the money is there."
If you have not yet updated your systems, you can do so from here.