Archive for the ‘EternalBlue’ Category

Fancy Bear bites hotel networks as EternalBlue mystery deepens

August 15th, 2017
The attack, presumably to spy on high-value hotel guests, is textbook Fancy Bear, say researchers

Posted in APT28, EternalBlue, Fancy Bear, Hotel, malware, Microsoft, Vulnerability | Comments (0)

APT28, Gmail, Game of Thrones leak, and WannaCry – Hack Naked News #136

August 15th, 2017

Allowing terrible passwords, four arrested in Game of Thrones leak, using EternalBlue to attack hotel guests, and more. Don Pezet of ITProTV joins us to deliver expert commentary on this episode of Hack Naked News! News: Too many big online brands allow terrible passwords – Dashlane, a company providing secure authentication mind you, has evaluated the […]

The post APT28, Gmail, Game of Thrones leak, and WannaCry – Hack Naked News #136 appeared first on Security Weekly.

Posted in APT28, chrome, Don Pezet, EternalBlue, Game of Thrones Leak, Gmail, Hack Naked News, hackers, Terrible Passwords, WannaCry | Comments (0)

Windows Search Bug Worth Watching, and Squashing

August 14th, 2017
Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren't so ready to do that.

Posted in Check Point, CVE-2017-8620, Daniel Padon, EternalBlue, Microsoft, MS17-010, NotPetya, RiskSense, Sean Dillon, SMBv1, vulnerabilities, WannaCry, Windows Search vulnerability | Comments (0)

APT28 Using EternalBlue to Attack Hotels in Europe, Middle East

August 12th, 2017
Researchers believe attacks against wi-fi systems in hotels across Europe and the Middle East track back to Russian-speaking hackers known as APT28.

Posted in APT28, EternalBlue, FireEye, French political party, Gamefish, Kaspersky Lab, malware, NBT-NS, NetBIOS Name Service, privacy, Python scripts, Sofacy, Web Security, wi-fi hacks | Comments (0)

Microsoft Patches Critical Windows Search Vulnerability

August 8th, 2017
Microsoft patched 25 critical vulnerabilities, including a remote code execution bug in Windows Search.

Posted in adobe, CVE-2017-8620, DEF CON, denial-of-service vulnerability, elevation of privilege vulnerability, EternalBlue, hacks, Linux, Microsoft Patch Tuesday, Petya, remote code execution, SMBLoris attack, vulnerabilities, WannaCry, Web Security, Windows Hyper-V, Windows Search, Windows Subsystem | Comments (0)

Researchers say WannaCry operator moved bitcoins to “untraceable” Monero

August 4th, 2017

When the master or masters of the WannaCry cryptoransomware worm emptied the bitcoin wallets associated with the malware earlier this week, they apparently did so to make future movement of the funds more anonymous. According to researchers at the Italian information security firm Neutrino, the bitcoin were exchanged for XMR, the "untraceable" private digital currency backed by Monero.

On Wednesday, the 52.2 bitcoins in the wallet were drained out over nine transactions, as detected by a bot created by Quartz's Keith Collins. Neutrino researchers traced the moved bitcoins to wallets associated with Monero.

Monero is a private digital currency that is focused on anonymity. While it is based on blockchain like other cryptocurrencies and uses distributed consensus for all transactions to prevent wallet hacking, it uses "ring signatures"—an anonymous cryptographic signature scheme—to sign transactions. This makes it impossible to tell which parties were involved in a transaction when examining the blockchain itself.

Posted in bitcoin, cryptocurrencies, EternalBlue, Monero, north korea, NSA leaks, ShadowBrokers, Tech | Comments (0)

Motivation Mystery Behind WannaCry, ExPetr

July 21st, 2017
A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.

Posted in destructive attacks, EternalBlue, ExPetr, malware, NotPetya, ransomware, WannaCry, Wiper malware | Comments (0)

Threatpost News Wrap, July 14, 2017

July 14th, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner.

Posted in EternalBlue, EternalBlues, ExPetr, Imperva, malware, NICE Systems, OAM 10g, oracle, Oracle Access Manager, privacy, Telegram, verizon, Verizon breach, vulnerabilities, WannaCry | Comments (0)

Microsoft Patch Tuesday Update Fixes 19 Critical Vulnerabilities

July 11th, 2017
Microsoft releases a total of 57 security patches, part of its July Patch Tuesday, with 20 rated critical.

Posted in ActiveX, Cross site scripting, EDGE, elevation of privilege vulnerabilities, EternalBlue, hacks, hololens, IE, Microsoft, Microsoft office, Microsoft Patch Tuesday, office, rce, remote code execution vulnerabilities, scriptkiddies, SMB, vulnerabilities, Web Security, Windows 10, zero day initiative | Comments (0)