EternalBlue Vulnerability Scanner Finds Exposed Hosts Worldwide

Orome1 quotes Help Net Security: After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible. So, he decided to do something about it: he created Eternal Blues, an easy-to-use vulnerability scanner that he made available for download for free... The statistics collected by the tool, as well as the total number of downloads, show that after the NotPetya attack, people's awareness of the threat did increase... Over 8 million IP addresses were scanned, and a total of 60,000 vulnerable hosts were identified (out of ~537,000 that were responsive). Of the ~537,000 responsive hosts, some 258,000 still had SMBv1 enabled. One organization in France found two vulnerable hosts after scanning over 13,000 IP addresses, and Erez believes that without his tool, "finding those two needles in the haystack would have been an almost impossible mission... Here is a lesson for IT/Security departments: don't be so certain that you know your network well. Deploy a multi-layered stack of security tools for both risk analysis and real time enforcement."

from:https://slashdot.org/