WannaCry 수준의 위험에 대한 두려움, 기업들이 BlueKeep과 씨름

ment 7/30 '19 posted (7/30 '19 edited) 뉴스 IT

• 연구자들은 이 취약점에 대해 매우 걱정하고 있었으므로, 몇 달 동안 아무도 개념 증명 코드를 공개한 적이 없습니다.

• 허친스는 "원격 코드 실행이라는 용어를 사용하여 공격자가 대상 장치에서 코드를 실행하는 것을 가능하게 한다"며 "RCE가 이용 가능하게 될 때 놀라지 않을 것입니다 "고 말했습니다. 공격자가 모든 권한을 가져가는겁니다.

• WannaCry를 막는데 도움을 준 보안 연구원인 Marcus Hutchins는 한 그룹이 이미 BlueKeep 스캐너를 그들의 암호 통화 채굴 악성 코드에 구현했기 때문에 범죄자들이 좋은 BlueKeep 익스플로잇을 개발하기까지는 불과 몇 주가 안남았다고 합니다.

• 어떤 경우에도 BlueKeep에 취약한 Windows 운영 체제 버전을 실행하는 경우 패치하거나 완화해야합니다.

• 배경으로, BlueKeep 취약점 (CVE-2019-0708) RCE 결함은 원격 데스크톱 서비스에 존재하며 Windows 7, Windows XP, Server 2003, Server 2008 및 Server 2008 R2를 포함한 이전 버전의 Windows에 영향을줍니다.

• "우리는 WatchBog- 2018 년 말부터 실행된 암호화 통화 마이닝 봇넷 -의 새로운 버전을 발견했다. 우리는 6 월 상순 이후의 새로운 캠페인으로 4,500 대 이상의 Linux 시스템이 손상된 것으로 의심되고있다 "

• "새로운 Linux 익스플로잇 중, 이 버전의 WatchBog는 BlueKeep RDP 프로토콜 취약점 스캐너 모듈을 구현합니다. WatchBog는 향후 대상이 될 수 있는 취약한 시스템 목록을 준비하고 있거나 타사 공급 업체에 팔려는 제품입니다.

• BitTight 보안 연구 책임자 Dan Dahlberg에 따르면 전체적으로 BlueKeep 캠페인의 전환점이 야생에 나타나기 시작한 시점이 늦어지기보다는 곧 빨라지는 것으로 나타났습니다.

• 7 월 2 일 현재, BlueKeep에 취약한 약 805,665 개의 시스템이 온라인 상태로 유지되고 있으며, 회사의 최근 상태 업데이트에 따르면 5 월의 1 백만 대에 비해 감소했습니다.

Cybersecurity Firm Drops Code for the Incredibly Dangerous Windows ‘BlueKeep’ Vulnerability [www.vice.com]

Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep [threatpost.com]

https://www.zdnet.com/article/us-company-selling-weaponized-bluekeep-exploit/

newest replies popular replies

Open Wiki - Feel free to edit it. -

7/30 '19 answered

Several researchers have delayed their PoCs for "Bluekeep" b/c of its potential for massive exploitation.

With this release (and I'm NOT shaming the contractor) I imagine that we'll now see dozens of PoCs in the wild.

PATCH. YOUR. BOXES.https://t.co/xMPvWTDr11
— Rev. Robert R. Ballecer, SJ (@padresj) July 27, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/WcIOg2O5dE via @InfoSecHotSpot pic.twitter.com/S2UWj7Q87I
— Sean Harris (@InfoSecHotSpot) July 29, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/GosHim4OJS via @InfoSecHotSpot pic.twitter.com/icIJT18Gry
— Sean Harris (@InfoSecHotSpot) July 28, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/G7HJKDjrE8 via @InfoSecHotSpot pic.twitter.com/Ybuz6dpj0J
— Sean Harris (@InfoSecHotSpot) July 28, 2019

https://twitter.com/InfoSecHotSpot/status/1155314122743078912

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/vGVlRxe0qs via @InfoSecHotSpot pic.twitter.com/KzMZ6t51sG
— Sean Harris (@InfoSecHotSpot) July 29, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/gtzmSoThAZ via @InfoSecHotSpot pic.twitter.com/S7sYO029G6
— Sean Harris (@InfoSecHotSpot) July 28, 2019

Researchers from U.S. government contractor Immunity have developed a working exploit for the feared Windows bug known as BlueKeep. https://t.co/iYFUrBUhuf
— Adam Levin (@Adam_K_Levin) July 27, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/v3qUEpUpiI via @InfoSecHotSpot pic.twitter.com/hcYcQzDnYa
— Sean Harris (@InfoSecHotSpot) July 28, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/Io3QUYDzT0 via @InfoSecHotSpot pic.twitter.com/8onqXgPNlG
— Sean Harris (@InfoSecHotSpot) July 27, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/owhlKxtDq4 via @InfoSecHotSpot pic.twitter.com/wIo4uOl4hn
— Sean Harris (@InfoSecHotSpot) July 28, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/2xeq2RveZZ via @InfoSecHotSpot pic.twitter.com/8IRUQiu8KY
— Sean Harris (@InfoSecHotSpot) July 28, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/7HdQmEkOGt via @InfoSecHotSpot pic.twitter.com/STNhtCyLjc
— Sean Harris (@InfoSecHotSpot) July 27, 2019

In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been ... https://t.co/d4cTaD5jm1 via @InfoSecHotSpot pic.twitter.com/peMsLt8DvP
— Sean Harris (@InfoSecHotSpot) July 28, 2019

Fears of a WannaCry-level global attack grow as working exploit info starts to go public. https://t.co/gz2o31YtmZ via @InfoSecHotSpot pic.twitter.com/pZRlBf7UM7
— Sean Harris (@InfoSecHotSpot) July 29, 2019

US company selling weaponized BlueKeep exploit: An exploit for a vulnerability that Microsoft feared it may trigger the next WannaCry is now being sold commercially. ??‍♀️ ZDNet https://t.co/bQNwRU2zRg
— ReconSecureComputing (@SecRecon) July 29, 2019

US company selling weaponized BlueKeep exploit #cybersecurity https://t.co/hBXzzTybg0 pic.twitter.com/I2jwV4HoDx
— Shared Security Podcast (@SharedSec) July 26, 2019

US company selling weaponized BlueKeep exploit#CyberSecurity #hacking #Pentesting #password #vulnerability #cyberattacks #IoT #IoTSecurity #TFA #hackers #malware #ransomware #windows #Bots #BlueKeep #WannaCry #DEVcommunity https://t.co/Veuxc3Zngk
— Reinard Mortlock (@MortlockReinard) July 29, 2019

US company selling weaponized #BlueKeep exploit https://t.co/7DhN8Uxugo #Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware #virus #apt #pii #nist #fcc #finra #hipaa #pci pic.twitter.com/0z4r2dR0AV
— Rich Tehrani (@rtehrani) July 25, 2019

A US company selling a weaponized BlueKeep exploit with RCE capabilities as part of a pen-testing tool (named CANVAS)

Infosec doomsday clock is now 11:59 ?

Patch your systems already. According to BitSight, there are still 800k vulnerable hosts online.https://t.co/KPUUn2Saoy pic.twitter.com/O1BrRk7jce
— Catalin Cimpanu (@campuscodi) July 25, 2019

US company selling weaponized BlueKeep exploit | ZDNet https://t.co/1yTYVVZ8FW
— David Cawley (@david_cawley) July 26, 2019

US company selling weaponized #BlueKeep #exploit #infosec https://t.co/qdn1OW9d09 pic.twitter.com/Tq24c3h2uz
— TEAM CYMRU (@teamcymru) July 25, 2019

permanent link

Open Wiki - Feel free to edit it. -

7/30 '19 answered

Enterprises fear a WannaCry-level outbreak as working exploits of the BlueKeep #vulnerability are now becoming available to the public. #cybersecurity https://t.co/JM2Jr9kTQr
— Kaspersky (@kaspersky) July 29, 2019

Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep | Threatpost https://t.co/nZPwtFUISo #vulnerability #CyberSecurity #WannaCry #BlueKeep #Ransomware #vulnerabilitymanagement #malware #BHUSA19
— Alert Logic (@alertlogic) July 29, 2019

US company selling weaponized BlueKeep exploit https://t.co/cmDZMuPUwC #Microsoft
— Laurent MILTGEN (@kubernan) July 25, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured