Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
Computer Weekly

Leaked SMB exploits make malware powerful, warns Cylance

Exploits of Microsoft’s server message block (SMB) protocol have been an “unmitigated success” for malware writers, according to researchers at security firm Cylance. In April 2017, the Shadow Brokers ...
ZDNet

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the ...
Threat Post

EternalBlue Exploit Spreading Gh0st RAT, Nitol

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT. EternalBlue, the exploit used in the WannaCry ...
Computerworld

Rush Windows patch for SMB 2 flaw unlikely, says researcher

It’s unlikely that Microsoft will ship an emergency fix for a critical Windows vulnerability that the company disclosed earlier this month, a security researcher said yesterday. The vulnerability in ...