Following reports of the first attacks exploiting the BlueKeep RDP flaw affecting Windows PCs, Microsoft has issued an alert for admins to patch all Remote Desktop Protocol (RDP) services immediately. Last week UK researchers Kevin Beaumont and Marcus Hutchins detailed new BlueKeep attacks designed to install cryptominers on compromised machines. A honeypot Beaumont created to detect BlueKeep exploitation showed signs that multiple of its machines began crashing and rebooting in late October. The good news was that the flaw wasn't being used to spread ransomware via a WannaCry-like worm, which Microsoft initially warned could happen if someone figured out a reliable exploit for BlueKeep. The bad news is that attackers could finally be figuring out how it can be used to create maximum damage. Microsoft last week detailed how it began working with the UK-based researchers after their report on new exploitation of BlueKeep, which is tracked as CVE-2019-0708.
Read full article on CSO