April 18, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Chinese Hackers Evade Detection with Advanced Cryptojacking Tactics
October 16, 2019Rewterz Threat Alert – Blackremote: An undocumented RAT
October 16, 2019Rewterz Threat Alert – Chinese Hackers Evade Detection with Advanced Cryptojacking Tactics
October 16, 2019Rewterz Threat Alert – Blackremote: An undocumented RAT
October 16, 2019
Severity
High
Analysis Summary
Eternal Blue Downloader Trojan has recently been updated adding the Bluekeep vulnerability (CVE-2019-0708) detection and utilization. CVE-2019-0708 is a RDP remote code execution vulnerability that does not require authentication and user interaction. It can be completely controlled by a hacker as long as there is a vulnerable computer network. Using this vulnerability may form a worm-like spread similar to WannaCry.
Impact
- System/ Privileged access
- Execution of arbitrary code
Remediation
- Block the threat indicators at their respective controls.
- Install patches against the Bluekeep Vulnerability.