Review: Pwnie Express Pulse

Pwnie Express Pulse is a SaaS offering that uses custom hardware sensors to provide continuous network discovery, threat detection, risk assessment, and critical information about all security issues that should be resolved. After seeing Pulse in action, I can say that Pwnie Express has come a long way from being a crowd pleaser at security conferences where people were obsessing over PwnPhone or PwnPlug, a penetration testing device that mimicked a surge protector. In case you … More

Eternal Blues: A free EternalBlue vulnerability scanner

It is to be hoped that after the WannaCry and NotPetya outbreaks, companies will finally make sure to install – on all their systems – the Windows update that patches SMB vulnerabilities leveraged by the EternalBlue and EternalRomance exploits. These exploits are currently available to practically any hacker who might want to use them, and protecting systems against them should be a must for every organization. But while bigger ones might have an IT department … More

NotPetya outbreak: What we know so far

Tuesday’s ransomware outbreak hit many businesses and government entities around the world, but by far the most numerous victims are located in Ukraine. The infection process: The delivered malware was not, as initially believed, the original Petya ransomware or the previously seen variant PetrWrap. NotPetya, as this new threat was dubbed, is definitely made to look like Petya, and uses some of its code, but has its own specific characteristics: According to Kaspersky Lab researchers, … More

Building a strong cybersecurity program for the long haul

Patch Tuesday is approaching and there is a chance it might be a boring one. Hopefully, I didn’t jinx things by saying that, but I think most of what we’ll see is a bit of volume on the third-party side. Before we get into the forecast, though, let’s talk about the recent roller coaster we’ve all been on. WannaCry: WannaCry is a name that will hold a place in our minds similar to Heartbleed, Conficker, … More

Who are we kidding? WannaCry is not a first

On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that is believed to have caused the biggest attack of its kind ever recorded. The details of the attack are all being reported as we go, as security teams scramble to recover and law enforcement agencies dig further into the evidence. To say that this is the biggest ransomware attack … More

Massive ransomware campaign spreading around the world like wildfire

Organizations around the world have been hit with the Wana Decrypt0r (aka WannaCry) ransomware, in what seems to be the most massive ransomware delivery campaign to date.

"Boom, we have insight! #WannaCrypt pic.twitter.com/Tji2e1D6sK" — MalwareTech (@MalwareTechBlog) May 12, 2017

"So far, we have recorded more than 45,000 attacks of the #WannaCry ransomware in 74 countries around the world. Number still growing fast." — Costin Raiu (@craiu) May 12, 2017

By many accounts, the success of the … More

Tens of thousands Windows systems implanted with NSA’s DoublePulsar

Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently leaked by the Shadow Brokers, and hackers have been using it – in conjunction with the EternalBlue exploit – to … More

Microsoft patched the flaws allowing leaked Windows exploits to work

Microsoft has patched the vulnerabilities that allowed nine of the exploits released by the Shadow Brokers on Friday to work, and said that of the three remaining exploits, none will work on supported platforms (Windows 7 and newer versions of the OS, or Exchange 2010 and newer versions of Exchange). The list of addressed vulnerabilities (and the exploits they allowed) is as follows: Roughly half of these flaws were fixed at one point or another … More