ZDNet

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the ...

Still using Windows 10? You're a prime target for ransomware now - unless you do this

ZDNET's key takeaways Millions of computers globally are still running Windows 10.Attackers are ready, willing, and able to ...
Ars Technica

Exploit for wormable BlueKeep Windows bug released into the wild

For months, security practitioners have worried about the public release of attack code exploiting BlueKeep, the critical vulnerability in older versions of Microsoft Windows that’s “wormable,” ...
The Next Web

New Windows 0-day exploit bypasses UAC, gets published online

Microsoft has publicly confirmed that it is currently investigating a new 0-day Windows exploit that could possibly allow attackers to execute malicious code from limited access accounts. Disclosed on ...
Ars Technica

New Windows exploit lets you instantly become admin. Have you patched?

Researchers have developed and published a proof-of-concept exploit for a recently patched Windows vulnerability that can allow access to an organization’s crown jewels—the Active Directory domain ...

Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit

A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager ...
Bleeping Computer

Researchers Port NSA EternalBlue Exploit to Windows 10

Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
ZDNet

Exploit code puts Windows XP and 2000 at risk

Exploit code has been published that could take advantage of flaws in Windows XP SP1 and Windows 2000 SP4, according to a warning issued Thursday by Microsoft. Although the exploit code could be used ...
Forbes

Confirmed: Microsoft Windows Zero-Day Exploit Used In Government Espionage Operation

It has been revealed that a threat actor once best known for cyber bank robbery in Russia has made a move to espionage. The highly targeted attacks against government institutions in Eastern Europe, ...
Forbes

Windows 10: Microsoft Leaves Active Security Exploit Unfixed—For Two Years!

I imagine I must be some kind of techno-masochist, seeing as I quite look forward to the Patch Tuesday security updates rolled out by Microsoft every month. The August 11 event, which saw a total of ...
Dark Reading

WannaCry Exploit Could Infect Windows 10

A flaw in unpatched versions of Window 10 could leave machines vulnerable to EternalBlue, the remote kernel exploit behind the recent WannaCry ransomware attack. WannaCry targeted a Server Message ...