The NSA are advising all organisations to patch the #BlueKeep vulnerability, along with mitigating actionshttps://twitter.com/nsagov/status/1135984607122341888?s=21 …
-
Show this thread
-
There is no public remote code execution exploit, and no evidence of exploitation in the wild. Keep patching.
4 replies 2 retweets 9 likesShow this thread -
June’s patch cycle begins today with Microsoft. There is currently no public remote code execution exploit for
#BlueKeep and no evidence of exploitation in the wild.2 replies 5 retweets 23 likesShow this thread -
Shout out to
@ValthekOn@zerosum0x0@MalwareTechBlog and@ryHanson for not releasing their exploits. They absolutely would be strapped on to ransomware almost immediately - I’ve already seen a few people try, not realising they’ve paid for fake exploits.4 replies 6 retweets 48 likesShow this thread -
Kevin Beaumont Retweeted Cedric Halbronn
NCC have released a tool which allows scanning for BlueKeep where NLA is enabled (and you have creds)
https://twitter.com/saidelike/status/1139092480903798784?s=21 …Kevin Beaumont added,
1 reply 7 retweets 31 likesShow this thread -
If you use Rapid7, it now does unauthenticated scanning for
#BlueKeep from today.pic.twitter.com/JpCrKhoxDR
4 replies 7 retweets 33 likesShow this thread -
There are still around 1 million publicly accessible devices vulnerable to
#BlueKeep, without NLA enabled, confirmed by@bitsight with rdpscan. The US remains one of the least patched regions. https://www.bitsight.com/blog/data-insights-on-bluekeep-vulnerability …pic.twitter.com/vuy0euY4xQ
3 replies 13 retweets 22 likesShow this thread -
By the way, although InfoSec is generally a hype cycle (THE NEXT GEN THREAT!!1!), the
#BlueKeep RDP vulnerability is still very real threat (even without a public exploit) and risk of turning into an int'l incident - so orgs should concentrate on remediating straggling systems.1 reply 3 retweets 15 likesShow this thread -
There's still no public remote code execution exploit for BlueKeep. Thanks to some sterling work by
@TomSellers and@zerosum0x0 you can scan with Metasploit with randomised fake usernames and computer names now.pic.twitter.com/08HcutYa9i
1 reply 8 retweets 15 likesShow this thread -
New: US Cybersecurity and Infrastructure Security Agency say they have tested
#BlueKeep vulnerability against Windows 2000 and achieved code execution. https://www.us-cert.gov/ncas/alerts/AA19-168A …4 replies 8 retweets 23 likesShow this thread
Note that the wording of this alert has been updated since its original publication. Mention of "code execution" on Windows 2000 has been removed.
-
-
Replying to @wdormann
Amazing, now says “CISA has coordinated with external stakeholders and determined that Windows 2000 is vulnerable to BlueKeep.”
@MalwareTechBlog help the USG out and confirm RCE
3 replies 1 retweet 10 likes -
Replying to @GossiTheDog @wdormann
I'm actually doing that right now for lolz, but I've got a meeting in 30 mins so won't be done.
1 reply 0 retweets 8 likes - 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.