Free Eternal Blues Vulnerability Scanner Released

Even after the WannaCry ransomware attack, many organisations failed to apply the Windows update that addresses the Eternal Blue vulnerability or to disable SMBv1, leaving thousands to fall victim to the NotPetya ransomware.

Seeing the huge number of organisations that have fallen victim to this ransomware, Elad Erez, Director of Innovation at Imperva, developed an Eternal Blue vulnerability scanner and made it freely available for non-technical organisations and those that do not have an IT security team.

Yet another vulnerability scanner?
There are many vulnerability scanners out there. So… why did I create another? Mainly for the ease of use. The majority of the latest WannaCry, NotPetya (Petya, GoldenEye or whatever) victims are not technical organizations and sometimes just small businesses who don’t have a security team, or even just an IT team to help them mitigate this. Running NMap, Metasploit (not to mention more commercial products) is something they will never do. I aimed to create a simple ‘one-button’ tool that tells you one thing and one thing only – which systems are vulnerable in your network.

The tool scans all the devices on the network and reports whether they are vulnerable to any Eternal Blue based attack, without exploiting them. According to the blog post, the tool has been tested on real networks and has identified a few vulnerable computers.

The free tool can be downloaded from the official website [Click Here!]

Petya Ransomware Causing Massive Attack

Thousands of computers around the globe have been hit by a new ransomware called Petya. Similar to WannaCry, the new ransomware uses the Eternal Blue exploit as one of its means of propagating inside a network. After the computers are infected, victims are asked to pay $300 in bitcoins to regain access to their machines.
Several high-profile firms have already been affected by the new ransomware. In Ukraine, the central bank, the Kiev Boryspil Airport, the Ukrenergo electricity supplier, the municipal metro, and the state telecom have been attacked.

The international logistics company MAERSK has announced on its Twitter account that it has fallen victim to the Petya ransomware.

Researchers from Hacker Fantastic have noticed that the encryption process takes place after the infected Windows device is rebooted. If devices are not powered on again, files will not be encrypted.

University College London (UCL) Suffered a Major Ransomware Attack

University College London was hit by a major ransomware attack on June 15 2017. The ransomware infected personal and shared drives on the network, and UCL's Information Security team is working with the affected users to identify the exact source of the infection.
According to the University's press release, this could be a zero-day attack, as the virus did not show any suspicious activity.

"We are continuing to investigate the infection that is affecting UCL users. Our current hypothesis is that the malware infection occurred through users visiting a website that has been compromised rather than being spread via email attachments. However this remains unconfirmed at the moment."

The security team later confirmed that the attack came not via email but through users visiting an infected website.
"We have continued to analyse the infection across the UCL filestore and the method of infection this is still ongoing. We have not seen any more users affected by the malware. We no longer think the infection came from an infected email but from users accessing a compromised website. Please be vigilant if you notice an unexpected popup or other unusual behaviour when you access a website close the browser and report it to Service Desk."

At the time of writing, the Security team were still restoring the infected drives.
Source: [UCL ISD News]

