In April 14, 2017, a group known as Shadow brokers released a large amount of data that was allegedly stolen from the NSA with detailed information about hacker attack and various explorations of Windows.
This time, the targets were banking systems, hacked through vulnerabilities in Windows, Exchange, and SWIFT's own bank communication platform.
Although the new batch of exploits employed by NSA involving Windows, a widely used operating system worldwide, Microsoft claims that its security experts worked to investigate the leak as soon as it was published.
According to the company, of the 12 Windows vulnerabilities disclosed by Shadow Brokers, nine of them have been previously fixed in system or Exchange security updates and the other three could not be reproduced in supported operating system versions.
Four specific exploits that take advantage of these Server Message Block (SMB) vulnerabilities have been added. Also included is a piece of malware with the code name DOUBLEPULSAR that uses these SMB exploits to quickly infect other machines.
This malware has spread rapidly in nature in recent days and it is believed that threat actors will quickly adapt this malware to overcome current protections. Microsoft has released security patch MS17-010 to address five similar but distinct SMB protocol vulnerabilities for all supported Microsoft operating systems.
Specifically, these are considered increasingly dangerous vulnerabilities as they could potentially allow a remote attacker to execute code on the target machine and potentially take control of it once successfully exploited.
A third party analysis of Shadow Brokers leaked information indicates that at least one of the vulnerabilities could allow an attacker to elevate their privileges to the Administrator as well. All versions of Microsoft Windows are affected.
[SAFEWAY] is concerned with protecting our customers' information, but also wants to create a & #8220; large exchange network & #8221; information about Cybersecurity.
Check quickly:
1. That your site has not been affected by the vulnerability and no action is required.
2. If you already have this vulnerability, evaluate:
The. Did you install the necessary corrections to limit exposure and confirm that you were not compromised before the correction?
B. Your efforts are still ongoing, do you have a solution plan schedule to fix them?
W. Keep in mind what the residual risk will be if there are devices that cannot be patched or upgraded to a non-vulnerable version?
I hope this information is helpful to you. We are available if you need further support.
** Contact a consultant or our managers at (11) 4063-3221 or email us: [email protected]**
