Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
ZDNet

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the ...
Computer Weekly

Leaked SMB exploits make malware powerful, warns Cylance

Exploits of Microsoft’s server message block (SMB) protocol have been an “unmitigated success” for malware writers, according to researchers at security firm Cylance. In April 2017, the Shadow Brokers ...
Threat Post

EternalBlue Exploit Spreading Gh0st RAT, Nitol

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT. EternalBlue, the exploit used in the WannaCry ...
eWeek

Windows Exploit Released, But Experts Downplay Danger

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Amid conflicting reports on the extent of sniffing ...
CSOonline

3 leaked NSA exploits work on all Windows versions since Windows 2000

The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016. Oh, good, three NSA exploits previously ...
Computerworld

Rush Windows patch for SMB 2 flaw unlikely, says researcher

It’s unlikely that Microsoft will ship an emergency fix for a critical Windows vulnerability that the company disclosed earlier this month, a security researcher said yesterday. The vulnerability in ...