Tomorrow, May 12, is the one-year anniversary of the WannaCry ransomware outbreak. Exactly one year after the biggest cyber-security incident in history, the exploit at the heart of the WannaCry attack is now more popular than ever, according to telemetry data gathered by Slovak antivirus vendor ESET.
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner.
A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000.
Over 526,000 Windows computers —mainly Windows servers— have been infected with Monero mining software by a group that operates the biggest such botnet known to date.
After the US government has spent probably millions of dollars developing hacking tools, Russian hackers are now using them to spy on guests across hotels in Europe and the Middle East.
Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system.
The developer of a tool named Eternal Blues that scans for computers vulnerable to the NSA's ETERNALBLUE exploit has published statistics gathered from the app's usage.
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.
There are early signs of a new ransomware outbreak, currently affecting a large number of countries across the globe, such as the UK, Ukraine, India, the Netherlands, Spain, Denmark, and others.
There are 2,306,820 devices connected to the Internet at the moment that feature open ports for SMB services, the same protocol that was used to infect hundreds of thousands of computers with the WannaCry ransomworm a month ago.
Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB self-spreading worm in the mid-May WannaCry outbreak that affected over millions of computers across the world.
ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol leaked by the Shadow Brokers in mid-April, has become a commodity hacking tool among malware developers.
A ransomware called Uiwix has been discovered to be using the EternalBlue exploit to infect vulnerable victims. While Uiwix is still being researched, this article will provide details on what is currently known.
New evidence has revealed that nearly three weeks before the WannaCry ransomware outbreak, at least one cybercrime group was using the same NSA exploits — ETERNALBLUE and DOUBLEPULSAR — to infect computers with malware that mined for the Monero cryptocurrency.