ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Metasploit team releases BlueKeep exploit | #CyberSecurity #Windows 

Metasploit team releases BlueKeep exploit | #CyberSecurity #Windows  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - September 6, 2019 3:53 PM

The developers of the Metasploit penetration testing framework have released today a weaponized exploit for the BlueKeep Windows vulnerability.

While other security researchers have released defanged BlueKeep proof-of-concept code in the past, this exploit is advanced enough to achieve code execution on remote systems, infosec experts who reviewed the Metasploit module have told ZDNet.

WHAT IS BLUEKEEP?


BlueKeep, also known as CVE-2019-0708, is a vulnerability in the Remote Desktop Protocol (RDP) service in older versions of the Windows operating system (Windows XP, Windows 2003, Windows 7, Windows Server 2008, and Windows Server 2008 R2).

Microsoft patched BlueKeep in the May 2019 Patch Tuesday security fixes released on May 14, and warned users to apply the patches as soon as possible.

At the time, to spur users into patching faster, the OS maker described BlueKeep as a "wormable" vulnerability that can self-propagate in a similar manner similar to how the EternalBlue exploit helped the WannaCry ransomware propagate to millions of computers in 2017.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Metasploit

 

Gust MEES's insight:

The developers of the Metasploit penetration testing framework have released today a weaponized exploit for the BlueKeep Windows vulnerability.

While other security researchers have released defanged BlueKeep proof-of-concept code in the past, this exploit is advanced enough to achieve code execution on remote systems, infosec experts who reviewed the Metasploit module have told ZDNet.

WHAT IS BLUEKEEP?


BlueKeep, also known as CVE-2019-0708, is a vulnerability in the Remote Desktop Protocol (RDP) service in older versions of the Windows operating system (Windows XP, Windows 2003, Windows 7, Windows Server 2008, and Windows Server 2008 R2).

Microsoft patched BlueKeep in the May 2019 Patch Tuesday security fixes released on May 14, and warned users to apply the patches as soon as possible.

At the time, to spur users into patching faster, the OS maker described BlueKeep as a "wormable" vulnerability that can self-propagate in a similar manner similar to how the EternalBlue exploit helped the WannaCry ransomware propagate to millions of computers in 2017.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Metasploit

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Metasploit website hijacked by pro-Palestinian hackers... via fax

Metasploit website hijacked by pro-Palestinian hackers... via fax | ICT Security-Sécurité PC et Internet | Scoop.it
From grahamcluley.com - October 11, 2013 10:56 AM
Rapid7's Metasploit is the latest high profile website to fall foul of a pro-Palestinian group of hackers, who hijacked its DNS records.

And it seems the hackers used an old-fashioned fax message to commit their crime.
Gust MEES's insight:

 

Surely companies like Register.com and Network Solutions need to be a little wiser about the possible tricks hackers could use to mess with their customers’ web visitors?


Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=KDMS-TEAM


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

The FBI Used the Web's Favorite Hacking Tool to Unmask Tor Users

The FBI Used the Web's Favorite Hacking Tool to Unmask Tor Users | ICT Security-Sécurité PC et Internet | Scoop.it
From www.wired.com - December 17, 2014 10:05 AM
For more than a decade, a powerful app called Metasploit has been the most important tool in the hacking world: An open-source Swiss Army knife of hacks that puts the latest exploits in the hands of anyone who’s interested, from random criminals to the thousands of security professionals who rely on the app to scour client networks for holes.

Now Metasploit has a new and surprising fan: the FBI. WIRED has learned that FBI agents relied on Flash code from an abandoned Metasploit side project called the “Decloaking Engine” to stage its first known effort to successfully identify a multitude of  suspects hiding behind the Tor anonymity network.


Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR


Gust MEES's insight:
For more than a decade, a powerful app called Metasploit has been the most important tool in the hacking world: An open-source Swiss Army knife of hacks that puts the latest exploits in the hands of anyone who’s interested, from random criminals to the thousands of security professionals who rely on the app to scour client networks for holes.

Now Metasploit has a new and surprising fan: the FBI. WIRED has learned that FBI agents relied on Flash code from an abandoned Metasploit side project called the “Decloaking Engine” to stage its first known effort to successfully identify a multitude of  suspects hiding behind the Tor anonymity network.


Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Metasploit.com, Rapid7.com “Hacked” by Palestinian Hackers of KDMS Team

Metasploit.com, Rapid7.com “Hacked” by Palestinian Hackers of KDMS Team | ICT Security-Sécurité PC et Internet | Scoop.it
From news.softpedia.com - October 11, 2013 9:34 AM
Palestinian hackers of KDMS Team, the ones that have defaced numerous high-profile domains over the past days through DNS poisoning, have hijacked met...
Gust MEES's insight:

 

“Still having a tug of war with the Rapid7 domains, the attackers have the ability to change ANY Register.com domain, check yours,” Moore warned on Twitter.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=KDMS-TEAM

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn