The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft server_message_block 1.0 |
More than $1.3 billion stolen in string of attacks against financial institutions and cryptocurrency exchanges.
Posted: 18 Feb, 20214 Min ReadThreat Intelligence SubscribeLazarus: Three North Koreans Charged for Financially Motivated AttacksMore than $1.3 billion stolen in string of attacks against financial institutions and cryptocurrency exchanges. The U.S. government has charged three men in relation to a string of financially motivated cyber attacks linked to the North Korean Lazarus (aka Appleworm) group. The attackers stole approximately $1.3 billion from a ...
Microsoft advises how to harden cloudy Windows, cos it runs a cloud not your OS
Microsoft Windows users already know what to do to defeat WannaCrypt (unless they've been asleep for a week). Now the company's published its advice for its Azure customers. Since there aren't any surprises in Microsoft's note for Azure users, Vulture South suspects this is a prod for people who are slow to respond or complacent about security. WannaCrypt is the ransomware/worm built using NSA exploits leaked by Shadow Brokers. It exploits a bug in the ancient and should-have-been-retired SMB1 p...
EternalBlue now an eternal headache
Updated Workers at Telefónica's Madrid headquarters were left staring at their screen on Friday following a ransomware outbreak. Telefónica was one of several victims of a widespread file-encrypting ransomware outbreak, El Pais reports. Telefónica has confirmed the epidemic on its intranet while downplaying its seriousness, saying everything was under control. Fixed and mobile telephony services provided by the firm have not been affected. Other Spanish targets of the attack reportedly includ...