August 29, 2020

973 words 5 mins read

BlueKeep is still haunting thousands of enterprise systems

BlueKeep is still haunting thousands of enterprise systems

More than 240,000 machines are still affected by the infamous BlueKeep vulnerability disclosed last year, which are among millions of other systems vulnerable to severe, historic flaws that have since been patched. The Windows 10 flaw was first disclosed more than a year and a half ago, with fears that it could potentially devastate corporate networks, passing undisturbed from terminal to terminal

, if a wormable exploit was developed. Although businesses were urged to patch their systems against the BlueKeep flaw immediately, researcher Jan Kopriva has suggested that hundreds of thousands of machines are still vulnerable to the notorious bug. SEE MORE BlueKeep attack discovery has done nothing to motivate businesses into patching systems SEE MORE Why the telecoms industry is particularly vulnerable to BlueKeep SEE MORE Weekly threat roundup: NHS COVID-19 app, Nvidia, and Oracle Although there has been a significant decline in the number of BlueKeep-affected machines accessible from the internet, there still appears to be 240,000 of them, Kopriva wrote.  “Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” he added. “And since any of these might potentially come back to haunt us one day, this would seem to be a question worth asking.” Kopriva collated the number of machines that may still be vulnerable to other infamous flaws by scanning the Shodan search engine for devices. These were all discovered before 2020, and were generally than Kopriva would have expected. The vulnerability CVE-2019-0211, for example, an Apache HTTP server root privilege escalation flaw, still affects a staggering 3,357,835 machines. The flaw CVE-2019-12525, meanwhile, which was found in the Squid software, still affects 1,219,716 devices. Similarly to BlueKeep, the HeartBleed OpenSSL flaw still affects 204,878 machines despite having been patched more than six years ago. While these numbers are generally higher than Kopriva would have expected, he added that Shodan results aren’t necessarily up-to-date, or completely accurate.  He had previously, in November 2019, tried to warn businesses to patch the relevant systems immediately against the BlueKeep flaw. Shortly after the first “mass exploitation” of the vulnerability was discovered in the wild, the researcher presented data suggesting this hadn’t motivated businesses into acting any faster in patching their systems.

Date: 2020-11-17

URL: http://feeds.itpro.co.uk/~r/ITPro/Today/~3/cYyMLPBLfQI/bluekeep-still-haunting-thousands-of-enterprise-systems

itpro.co.uk

Apple MacBook Pro 16in review gallery (2020-12-02) Apples mammoth MacBook in pictures
Why is IoT security still such a problem? (2020-11-13) Research reports illuminating the poor security of Internet of Things IoT devices appear with what might be described as alarming regularity We hear tales of poor password control read descriptions of security breaches and then we often hear calls for regulators and governments to do more to stop devices with poor security getting onto the market With security problems so widely publicised why isn.. Why is IoT security still such a problem?
Acer Chromebook 715 review: Gallery (2020-12-02) All the specs and features to be a champion of the business world shame about the screen
What remote working lessons can we learn from the first lockdown? (2020-11-05) In a cruel twist of fate National Stress Awareness Day this year coincided simultaneously with Englands last day of freedom before heading into lockdown again and the long drawn-out saga of the US election But perhaps we shouldnt expect anything less from 2020 Understandably your nerves may already be shot as we plunge into Lockdown! Part Deux the sequel nobody wanted But as many businesses now re..
Huawei sells Honor due to ‘technical equipment shortage’ (2020-11-17) Huawei has announced the sale of its Honor smartphone business crediting the decision to a shortage oftechnical equipment caused by the trade restrictions imposed by the US government The Chinese tech giant confirmed that Honor will be sold to Shenzhen Zhixin New Information Technology - an enterprise owned by the government of Shenzhen where Huawei is headquartered In an official statement Huawei.. Huawei sells Honor due to ‘technical equipment shortage’
NCSC urges firms to patch against MobileIron vulnerability (2020-11-25) The National Cyber Security Centre NCSC has issued a warning over a MobileIron vulnerability that has the potential to compromise the networks of UK organisations Organisations using the California-based enterprise mobile device management MDM providers software could be targeted by Advanced Persistent Threat APT nation-state groups looking to exploit a critical remote code execution vulnerability..
Intel buys data science startup Cnvrg.io (2020-11-04) Intel has reportedly acquired Israeli data science startup Cnvrgio in a bid to strengthen its artificial intelligence AI and machine learning credentials In a statement giventoTechCrunch Intel confirmed the deal and said in a short statement that Cnvrg will be an independent Intel company and will continue to serve its existing and future customers The companydid not disclose any terms of the deal..
What is the Swift programming language, and why should I learn it? (2019-09-16) If youre an app developer youve likely got a few favoured programming languages in your toolkit Statistically speaking these probably include Java Python and some variation of C but theres a strong argument for incorporating the Swift programming language into your arsenal if you havent already SEE MORE Swift Playgrounds: Everything you need to know SEE MORE Apple allows open source community to t.. What is the Swift programming language, and why should I learn it?
FBI warns of hackers spoofing its domain (2020-11-24) The FBI has warned citizens that hackers have set up copycat websites that spoof FBI-related domains In an announcement on the FBIs Internet Crime Complaint Center IC3 site the law enforcement agency said it observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites indicating the potential for future operational activity SEE MORE The FBI cracks the largest ph..
Samsung Galaxy Book S review gallery (2020-07-14) So long surface Pro X - Samsung shows us how its really done