BlueKeep Archives - Securezoo

The top 3 endpoint threats used in 2020 cyberattacks

Cybersecurity Articles, Cybersecurity Attacks, Endpoint Security, Malware, System Hardening, Vulnerabilities & Exploits / By Frank Crast / September 22, 2020 / ATT&CK, BlueKeep, Cisco, CobaltStrike, credentials, CVE-2019-0708, Divergent, Emotet, FASTCash, GALLIUM, HIDDEN COBRA, IOT, Metasploit, Mimikatz, MITRE, PowerSHell, Powersploit

Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.

FBI: Cyberattackers target EOL Windows 7 systems

Configuration Management, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / August 6, 2020 / BlueKeep, Cyberattack, EOL, EOS, FBI, Microsoft, WannaCry, Windows 7

The Federal Bureau of Investigation (FBI) issued a private industry notification warning that cyberattackers continue to target end of life (EOL) Windows 7 systems.

Sarwent malware has new command functions, targets RDP

Malware / By Frank Crast / May 27, 2020 / BlueKeep, RDP, Sarwent

Security researchers have discovered a new version of Sarwent malware that has new command functionality, such as executing PowerShell commands and preference for using RDP.

The top 20 vulnerabilities to patch now (that are most under attack)

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits, Zero-days / By Frank Crast / December 26, 2019 / Apache, BlueKeep, CVE-2012-0158, CVE-2014-8361, CVE-2017-0143, CVE-2017-0199, CVE-2017-10271, CVE-2017-11882, CVE-2017-17215, CVE-2017-5638, CVE-2017-5715, CVE-2017-8570, CVE-2017-8759, CVE-2018-0802, CVE-2018-10561, CVE-2018-12130, CVE-2018-20250, CVE-2018-4878, CVE-2018-7600, CVE-2018-8174, CVE-2019-0708, CVE-2019-2725, IOT, Loki, MDS, Meltdown, Nanocore, Spectre, Struts, Verint, Vulnerabilities, WebLogic, WinRAR, Zyklon

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

Microsoft warns more BlueKeep attacks to come

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 8, 2019 / BlueKeep, CVE-2019-0708, Metasploit

For the third time this year, Microsoft has warned users and organizations to stay vigilant against BlueKeep and patch their systems. In collaboration with security researchers, Microsoft investigated recent system crashes have been caused by a BlueKeep Metasploit module.

Microsoft August 2019 Security Updates

Malware, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 14, 2019 / Active Directory, BlueKeep, Edge, Internet Explorer, Microsoft, Office, Visual Studio, Windows

Microsoft issued the August 2019 Security Updates on Tuesday that include 93 unique vulnerability fixes, 29 of those rated critical. In addition, two of the patches address two critical Remote Code Execution (RCE) “wormable” vulnerabilities (CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services.

DHS issues new warning on BlueKeep threat

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 18, 2019 / BlueKeep, DHS, WannaCry

The Department of Homeland Security (DHS) just issued a new warning on the “wormable” BlueKeep threat and vulnerability. DHS says attackers can exploit unpatched systems to perform remote code execution.

GoldBrute botnet targets 1.5M exposed RDP servers

Configuration Management, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / June 7, 2019 / BlueKeep, Brute Force, CVE-2019-0708, GoldBrute, malware, Morphus Labs, RDP

A new botnet dubbed “GoldBrute” targets 1.5 million publicly exposed RDP servers on the internet via brute force attack.

Siemens medical products impacted by BlueKeep RDS flaw

Configuration Management, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 28, 2019 / BlueKeep, CVE-2019-0708, Siemens, Software, Windows

Siemens Healthineers, a Siemens company that makes medical products, has disclosed multiple software products are impacted by the Remote Desktop Services (RDS) or BlueKeep vulnerability.

BlueKeep scanning activity picks up

Vulnerabilities & Exploits / By Frank Crast / May 27, 2019 / BlueKeep, CVE-2019-0708, RDP, Windows

Security experts have been warning about bad actors soon developing exploits for a BlueKeep vulnerability that was patched by Microsoft earlier this month. Exploits in the wild are likely closer than ever after one security company spotted a huge uptick in scanning for BlueKeep over the weekend.