SECURITY ALERT: Remain Vigilant for More BlueKeep Attacks That Can Impact Vulnerable Windows Machines

Almost six months ago, we were urging users to patch their systems due to a remote code execution vulnerability present in Remote Desktop Services, where attackers could connect to a target’s system using RDP. At that time (May 2019), Microsoft released a patch for CVE-2019-0708, the Remote Desktop vulnerability dubbed BlueKeep. Exploitation could cause the “blue screen of death”, potentially leading to a Game of Thrones ‘Red Keep’ moment. This vulnerability was thought to be ‘wormable’, meaning that any malware that exploited it could propagate from computer to computer.


We predicted that it could potentially produce the same amount of damage as we witnessed in the case of the WannaCry ransomware and the older Conficker worm. A few days back, security researcher Kevin Beaumont reported that his BlueKeep honeypot was being exploited in the wild. His discovery was also confirmed by Marcus Hutchins, the security researcher who stopped the WannaCry outbreak and who is a specialist in the BlueKeep exploit.


How was the BlueKeep exploit used?


Recently, a malicious hacker group was spotted using a demo BlueKeep exploit released by the Metasploit team back in September, which was meant to help system administrators test vulnerable systems. Attackers have now been using it to break into unpatched Windows systems and install cryptocurrency miners.


But even though these attacks may seem insignificant compared to what had been f ..
