Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
Computer Weekly

Leaked SMB exploits make malware powerful, warns Cylance

Exploits of Microsoft’s server message block (SMB) protocol have been an “unmitigated success” for malware writers, according to researchers at security firm Cylance. In April 2017, the Shadow Brokers ...
ZDNet

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the ...
Computerworld

Microsoft unveils shield for critical Windows flaw as attack code looms

With attack code that exploits a critical unpatched bug in Windows likely to go public soon, Microsoft wants users to run an automated tool that disables the vulnerable component. The bug in SMB ...
Threat Post

EternalBlue Exploit Spreading Gh0st RAT, Nitol

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT. EternalBlue, the exploit used in the WannaCry ...
Computerworld

Rush Windows patch for SMB 2 flaw unlikely, says researcher

It’s unlikely that Microsoft will ship an emergency fix for a critical Windows vulnerability that the company disclosed earlier this month, a security researcher said yesterday. The vulnerability in ...
CSOonline

3 leaked NSA exploits work on all Windows versions since Windows 2000

The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016. Oh, good, three NSA exploits previously ...