Since WannaCry and NotPetya struck the internet just over three years ago, the security industry has scrutinized every new Windows bug that could be used to create a similar world-shaking worm. Now one potentially “wormable” vulnerability — meaning an attack can spread from one machine to another with no human interaction — has appeared in Microsoft’s implementation of the domain name…
Tag: wannacry
A Widespread BlueKeep ‘Exploit’ Is Targetting Unpatched Windows 7/XP Computers
An anonymous reader quotes Forbes:
When Microsoft issued the first patch in years for Windows XP in May 2019, you knew that something big was brewing. That something was a wormable Windows vulnerability that security experts warned could have a similar impact as the WannaCry worm from 2017. The BlueKeep vulnerability exists in unpatched versions of Windows Server 2003, Windows XP, Windows…
UK Cybersecurity Agency Urges Devs To Drop Python 2
Python’s End-of-Life date is 129 days away, warns the UK National Cyber Security Centre (NCSC). “There will be no more bug fixes, or security updates, from Python’s core developers.” An anonymous reader quotes ZDNet: The UK’s cyber-security agency warned developers Thursday to consider moving Python 2.x codebases to the newer 3.x branch due to the looming end-of-life of Python 2, scheduled…
Penetration Testing Toolkit Includes Exploit For ‘Incredibly Dangerous’ Bluekeep Vulnerability
An anonymous reader quotes Vice: In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been unsupported) for five years. That vulnerability is known as BlueKeep, and it has kept a lot of security…
Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003
Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. From a report: The vulnerability (CVE-2019-0708) resides in the “remote…
WannaCry hero pleads guilty to developing banking malware
Source: https://www.theverge.com/2019/4/19/18508215/marcus-hutchins-wannacry-kronos-malware-guilty-plea…
‘WannaCry Hero’ Marcus Hutchins Pleads Guilty to Making Banking Malware
The researcher who helped stop the WannaCry ransomware pleaded guilty to two counts of hacking for writing banking malware in 2014.Source: https://motherboard.vice.com/en_us/article/qv7pad/marcus-hutchins-pleads-guilty-banking-malware-wannacry-hero…