302:, a British security company, reported on a working example of such a PoC, in order to emphasize the urgent need to patch the vulnerability. On 22 July 2019, more details of an exploit were purportedly revealed by a conference speaker from a Chinese security firm. On 25 July 2019, computer experts reported that a commercial version of the exploit may have been available. On 31 July 2019, computer experts reported a significant increase in malicious RDP activity and warned, based on histories of exploits from similar vulnerabilities, that an active exploit of the BlueKeep vulnerability in the wild might be imminent.
2905:
54:
339:
The RDP protocol uses "virtual channels", configured before authentication, as a data path between the client and server for providing extensions. RDP 5.1 defines 32 "static" virtual channels, and "dynamic" virtual channels are contained within one of these static channels. If a server binds the
283:(NLA) login credentials are cached on the client system, and the user can re-gain access to their RDP connection automatically if their network connection is interrupted. Microsoft dismissed this vulnerability as being intended behaviour, and it can be disabled via
1100:"Cybersecurity Firm Drops Code for the Incredibly Dangerous Windows 'BlueKeep' Vulnerability - Researchers from U.S. government contractor Immunity have developed a working exploit for the feared Windows bug known as BlueKeep"
320:
On 6 September 2019, an exploit of the wormable BlueKeep security vulnerability was announced to have been released into the public realm. The initial version of this exploit was, however, unreliable, being known to cause
1262:
1192:"The First BlueKeep Mass Hacking Is Finally Here—but Don't Panic - After months of warnings, the first successful attack using Microsoft's BlueKeep vulnerability has arrived—but isn't nearly as bad as it could have been"
430:(such as Vista, XP, and Server 2003) and thus are no longer eligible for security updates. The patch forces the aforementioned "MS_T120" channel to always be bound to 31 even if requested otherwise by an RDP server.
453:, two-factor authentication may make the RDP issue less of a vulnerability. However, the best protection is to take RDP off the Internet: switch RDP off if not needed and, if needed, make RDP accessible only via a
1109:
764:
919:
1045:
632:
1748:
1292:
794:
1768:
981:
951:
942:"BlueKeep: Researchers show how dangerous this Windows exploit could really be - Researchers develop a proof-of-concept attack after reverse engineering the Microsoft BlueKeep patch"
524:
1230:
1254:
248:, with Microsoft (based on a security researcher's estimation that nearly 1 million devices were vulnerable) saying that such a theoretical attack could be of a similar scale to
1322:
727:
823:
1139:
1068:"US company selling weaponized BlueKeep exploit - An exploit for a vulnerability that Microsoft feared it may trigger the next WannaCry is now being sold commercially"
387:
1354:
1099:
1036:"Chances of destructive BlueKeep exploit rise with new explainer posted online - Slides give the most detailed publicly available technical documentation seen so far"
887:
754:
214:
112:
909:
1434:
663:
1169:
694:
1920:
1460:
623:"Exploit for wormable BlueKeep Windows bug released into the wild - The Metasploit module isn't as polished as the EternalBlue exploit. Still, it's powerful"
1738:
1077:
1035:
622:
1682:
562:
177:. Microsoft issued a security patch (including an out-of-band update for several versions of Windows that have reached their end-of-life, such as
1284:
1201:
855:
786:
1396:
973:
941:
340:
virtual channel "MS_T120" (a channel for which there is no legitimate reason for a client to connect to) with a static channel other than 31,
244:(which issued its own advisory on the vulnerability on 4 June 2019) and Microsoft stated that this vulnerability could potentially be used by
1728:
1497:
1852:
514:
1222:
328:
On 2 November 2019, the first BlueKeep hacking campaign on a mass scale was reported, and included an unsuccessful cryptojacking mission.
597:
2925:
2266:
1733:
2400:
2382:
1883:
1661:
1427:
1314:
719:
2406:
1932:
1893:
1528:
815:
1707:
1131:
2466:
2412:
1987:
1878:
2935:
1814:
1651:
1553:
1873:
1646:
1004:"CVE-2019-0708: Remote Desktop Services remote code execution vulnerability (known as BlueKeep) - Technical Support Bulletin"
1344:
2909:
1753:
1465:
1455:
1420:
1013:
442:
2895:
877:
2627:
2017:
1804:
1743:
1702:
1600:
446:
280:
253:
653:
331:
On 8 November 2019, Microsoft confirmed a BlueKeep attack, and urged users to immediately patch their
Windows systems.
2122:
1857:
1620:
1378:
1161:
2930:
2811:
2152:
2007:
1799:
1692:
1636:
1407:
1382:
684:
472:
438:
272:
2292:
2261:
1888:
147:
1067:
2430:
1997:
1915:
1821:
1794:
345:
264:
241:
165:
First reported in May 2019, it is present in all unpatched
Windows NT-based versions of Microsoft Windows from
2586:
2250:
1723:
1656:
1502:
552:
477:
454:
434:
268:
155:
2460:
2316:
2147:
1809:
487:
423:
371:
170:
2601:
2436:
2220:
1584:
427:
234:
159:
1191:
845:
2364:
2245:
1957:
1666:
1615:
1610:
322:
685:"CVE-2019-0708 Remote Desktop Services Remote Code Execution Vulnerability - Security Vulnerability"
2863:
2735:
1763:
1579:
654:"Customer guidance for CVE-2019-0708 - Remote Desktop Services Remote Code Execution Vulnerability"
482:
419:
415:
367:
363:
276:
181:) on 14 May 2019. On 13 August 2019, related BlueKeep security vulnerabilities, collectively named
1386:
2873:
2868:
2765:
2394:
2157:
2083:
1773:
1574:
198:
1255:"RDP Stands for "Really DO Patch!" – Understanding the Wormable RDP Vulnerability CVE-2019-0708"
2878:
2760:
2730:
2334:
2190:
1548:
1512:
587:
127:
222:
2806:
2658:
2581:
2230:
2167:
2042:
1491:
1196:
592:
295:
139:
80:
75:
374:
were named by
Microsoft as being vulnerable to this attack. Versions newer than 7, such as
205:
BlueKeep security vulnerability was announced to have been released into the public realm.
2816:
2791:
2755:
2683:
2596:
2591:
2235:
2027:
1937:
1641:
1104:
341:
63:
2555:
2550:
2240:
2225:
2215:
2210:
2142:
2117:
2112:
2107:
2052:
1507:
197:
of the operating system, as well as the older
Windows versions. On 6 September 2019, a
787:"Microsoft warns of major WannaCry-like Windows security exploit, releases XP patches"
390:
stated that it had also successfully achieved code execution via the vulnerability on
2919:
2678:
2137:
2096:
2092:
2088:
407:
355:
245:
230:
221:. The vulnerability was named BlueKeep by computer security expert Kevin Beaumont on
202:
2622:
2576:
2376:
2340:
2195:
2185:
2078:
2073:
2068:
1942:
1758:
1687:
1285:"Homeland Security: We've tested Windows BlueKeep attack and it works so patch now"
1040:
759:
627:
391:
284:
166:
325:" (BSOD) errors. A fix was later announced, removing the cause of the BSOD error.
298:(PoC) codes exploiting the vulnerability may have been available. On 1 July 2019,
31:
1223:"Microsoft works with researchers to detect and protect against new RDP exploits"
305:
On 13 August 2019, related BlueKeep security vulnerabilities, collectively named
226:
143:
84:
2858:
2848:
2796:
2704:
2648:
2560:
2509:
2370:
2200:
1927:
1558:
492:
249:
1003:
846:"Microsoft warns users to patch as exploits for 'wormable' BlueKeep bug appear"
2801:
2786:
2714:
2504:
2454:
2358:
2310:
2286:
2274:
2132:
2057:
2047:
2037:
2022:
1982:
1907:
1538:
1401:
850:
515:"Microsoft patches Windows XP, Server 2003 to try to head off 'wormable' flaw"
467:
403:
383:
379:
351:
314:
194:
178:
2832:
2709:
2673:
2663:
2535:
2352:
2102:
2032:
1972:
1533:
1390:
878:"You Need to Patch Your Older Windows PCs Right Now to Patch a Serious Flaw"
689:
658:
557:
548:
411:
375:
359:
310:
218:
190:
174:
151:
123:
53:
2904:
2740:
2668:
2653:
2448:
2322:
2304:
2205:
2127:
1962:
1947:
1847:
1826:
1605:
257:
38:
1315:"Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708)"
755:"Microsoft practically begs Windows users to fix wormable BlueKeep flaw"
720:"Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708)"
17:
2770:
2643:
2606:
2540:
2519:
2489:
2442:
2424:
2346:
2280:
2062:
1977:
1967:
1952:
1412:
1132:"BlueKeep Exploits May Be Coming: Our Observations and Recommendations"
882:
294:
of the vulnerability seemed to be publicly known; however, undisclosed
291:
67:
2853:
2745:
2699:
2514:
2328:
2298:
2177:
2162:
1992:
1831:
1543:
1349:
1008:
914:
450:
402:
Microsoft released patches for the vulnerability on 14 May 2019, for
299:
588:"DejaBlue: New BlueKeep-Style Bugs Renew The Risk Of A Windows worm"
2478:
2418:
2388:
1697:
1072:
946:
519:
974:"RDP BlueKeep exploit shows why you really, really need to patch"
2750:
2545:
1789:
59:
1416:
426:. This included versions of Windows that have reached their
309:, were reported to affect newer Windows versions, including
433:
The NSA recommended additional measures, such as disabling
213:
The BlueKeep security vulnerability was first noted by the
158:(RDP) implementation, which allows for the possibility of
1729:
910:"Microsoft Issues 'Update Now' Warning To Windows Users"
816:"Microsoft dismisses new Windows RDP 'bug' as a feature"
263:
On the same day as the NSA advisory, researchers of the
30:"DejaBlue" redirects here. For bottled water brand, see
449:(NLA) for RDP. According to computer security company
313:
and all recent versions of the operating system up to
2893:
1162:"BlueKeep exploit to get a fix for its BSOD problem"
553:"Security Update Guide - Acknowledgements, May 2019"
2841:
2825:
2779:
2723:
2692:
2636:
2615:
2569:
2528:
2497:
2488:
2259:
2176:
2006:
1906:
1866:
1840:
1782:
1716:
1675:
1629:
1593:
1567:
1521:
1484:
1477:
118:
108:
90:
74:
58:A logo created for the vulnerability, featuring a
388:Cybersecurity and Infrastructure Security Agency
1769:Russian interference in the 2016 U.S. elections
1345:"RDP exposed: the wolves already at your door"
581:
579:
1428:
1098:Franceschi-Bicchieral, Lorenzo (2019-07-26).
748:
746:
744:
616:
614:
445:3389) if it is not being used, and requiring
8:
46:
1739:Democratic National Committee cyber attacks
543:
541:
2494:
1683:Office of Personnel Management data breach
1481:
1435:
1421:
1413:
317:, as well as the older Windows versions.
225:. BlueKeep is officially tracked as: CVE-
2900:
505:
1397:Proof-of-Concept of the flaw by Sophos
876:O'Neill, Patrick Howell (2019-05-31).
45:
1379:BlueKeep: Windows Update patches HERE
1249:
1247:
7:
713:
711:
1734:Commission on Elections data breach
468:Bad Rabbit ransomware attack - 2017
279:, citing a new behaviour where RDP
25:
1894:Jeff Bezos phone hacking incident
217:and, on 14 May 2019, reported by
215:UK National Cyber Security Centre
113:UK National Cyber Security Centre
2903:
2467:Microarchitectural Data Sampling
1703:Ukrainian Power Grid Cyberattack
1611:Cyberterrorism attack of June 25
1403:Technical discussion of the flaw
52:
1815:2017 Ukraine ransomware attacks
1652:2014 JPMorgan Chase data breach
1357:from the original on 2019-10-18
1325:from the original on 2019-09-06
1295:from the original on 2019-06-19
1265:from the original on 2020-03-07
1233:from the original on 2019-11-23
1204:from the original on 2019-12-02
1172:from the original on 2019-11-18
1160:Cimpanu, Catalin (2019-11-11).
1142:from the original on 2019-08-01
1112:from the original on 2019-07-26
1080:from the original on 2019-11-08
1066:Cimpanu, Catalin (2019-07-25).
1048:from the original on 2019-11-08
1016:from the original on 2019-07-03
984:from the original on 2019-12-07
954:from the original on 2019-07-02
922:from the original on 2019-06-01
890:from the original on 2019-06-01
858:from the original on 2019-05-31
826:from the original on 2019-12-17
797:from the original on 2019-09-02
767:from the original on 2019-07-22
730:from the original on 2019-09-06
697:from the original on 2019-05-29
666:from the original on 2019-09-13
635:from the original on 2019-11-27
600:from the original on 2021-04-13
565:from the original on 2019-11-23
527:from the original on 2019-06-04
1647:2014 celebrity nude photo leak
1190:Greenberg, Andy (2019-11-02).
844:Whittaker, Zack (2019-05-31).
586:Greenberg, Andy (2019-08-13).
273:the Windows 10 May 2019 Update
193:and all recent versions up to
1:
1884:Bulgarian revenue agency hack
1662:Russian hacker password theft
1343:Stockley, Mark (2019-07-17).
972:Stockley, Mark (2019-07-01).
513:Foley, Mary Jo (2019-05-14).
290:As of 1 June 2019, no active
2018:Bangladesh Black Hat Hackers
1494:(publication of 2009 events)
940:Palmer, Danny (2019-07-02).
908:Winder, Davey (2019-06-01).
447:Network Level Authentication
281:Network Level Authentication
189:Windows versions, including
1879:Baltimore ransomware attack
271:-related security issue in
2952:
2926:Computer security exploits
2153:Tailored Access Operations
1800:WannaCry ransomware attack
1693:Ashley Madison data breach
1637:Anthem medical data breach
1554:PlayStation network outage
1034:Goodin, Dan (2019-07-22).
785:Warren, Tom (2019-05-14).
753:Goodin, Dan (2019-05-31).
621:Goodin, Dan (2019-09-06).
473:WannaCry ransomware attack
185:, were reported to affect
36:
29:
1889:WhatsApp snooping scandal
1754:Indian Bank data breaches
1448:
1130:Rudis, Bob (2019-07-31).
386:, were not affected. The
51:
2431:Speculative Store Bypass
1998:Ukrainian Cyber Alliance
1795:2017 Macron e-mail leaks
346:arbitrary code execution
265:CERT Coordination Center
242:National Security Agency
37:Not to be confused with
1805:Westminster data breach
1724:Bangladesh Bank robbery
1667:2014 Yahoo! data breach
1657:2014 Sony Pictures hack
1616:2013 Yahoo! data breach
1601:South Korea cyberattack
1503:Operation Olympic Games
1498:Australian cyberattacks
478:Blaster (computer worm)
435:Remote Desktop Services
344:occurs that allows for
252:-based attacks such as
156:Remote Desktop Protocol
150:that was discovered in
2936:Windows administration
2910:Business and economics
2148:Syrian Electronic Army
1858:SingHealth data breach
1621:Singapore cyberattacks
1559:RSA SecurID compromise
488:Sasser (computer worm)
483:Dyn cyberattack – 2016
424:Windows Server 2008 R2
372:Windows Server 2008 R2
246:self-propagating worms
171:Windows Server 2008 R2
148:security vulnerability
2437:Lazy FP state restore
2221:Kristoffer von Hassel
1874:Sri Lanka cyberattack
1744:Vietnam Airport Hacks
1585:Operation High Roller
348:at the system level.
267:disclosed a separate
235:remote code execution
160:remote code execution
96:; 5 years ago
27:Windows security hole
2383:Silent Bob is Silent
1443:Hacking in the 2010s
1002:Staff (2019-05-29).
323:blue screen of death
2317:SS7 vulnerabilities
1853:Atlanta cyberattack
1822:Equifax data breach
1580:Stratfor email leak
1529:Canadian government
1508:Operation ShadowNet
437:and its associated
420:Windows Server 2008
416:Windows Server 2003
368:Windows Server 2008
364:Windows Server 2003
277:Windows Server 2019
48:
2766:Petya and NotPetya
2395:ROCA vulnerability
2158:The Shadow Brokers
2084:Iranian Cyber Army
2010:persistent threats
1810:Petya and NotPetya
1774:2016 Bitfinex hack
1749:DCCC cyber attacks
1708:SWIFT banking hack
1313:Cimpanu, Catalin.
718:Cimpanu, Catalin.
2931:2019 in computing
2891:
2890:
2887:
2886:
2879:ZeroAccess botnet
2191:Mustafa Al-Bassam
1958:New World Hackers
1921:associated events
1902:
1901:
1698:VTech data breach
1549:Operation AntiSec
1513:Operation Payback
1472:
1471:
978:NakedSecurity.com
133:
132:
128:Microsoft Windows
119:Affected software
76:CVE identifier(s)
16:(Redirected from
2943:
2908:
2907:
2899:
2495:
2168:Yemen Cyber Army
1492:Operation Aurora
1482:
1451:
1450:
1437:
1430:
1423:
1414:
1404:
1366:
1365:
1363:
1362:
1340:
1334:
1333:
1331:
1330:
1310:
1304:
1303:
1301:
1300:
1280:
1274:
1273:
1271:
1270:
1251:
1242:
1241:
1239:
1238:
1219:
1213:
1212:
1210:
1209:
1187:
1181:
1180:
1178:
1177:
1157:
1151:
1150:
1148:
1147:
1127:
1121:
1120:
1118:
1117:
1095:
1089:
1088:
1086:
1085:
1063:
1057:
1056:
1054:
1053:
1031:
1025:
1024:
1022:
1021:
999:
993:
992:
990:
989:
969:
963:
962:
960:
959:
937:
931:
930:
928:
927:
905:
899:
898:
896:
895:
873:
867:
866:
864:
863:
841:
835:
834:
832:
831:
812:
806:
805:
803:
802:
782:
776:
775:
773:
772:
750:
739:
738:
736:
735:
715:
706:
705:
703:
702:
681:
675:
674:
672:
671:
650:
644:
643:
641:
640:
618:
609:
608:
606:
605:
583:
574:
573:
571:
570:
545:
536:
535:
533:
532:
510:
296:proof of concept
104:
102:
97:
94:14 May 2019
56:
49:
21:
2951:
2950:
2946:
2945:
2944:
2942:
2941:
2940:
2916:
2915:
2914:
2902:
2894:
2892:
2883:
2837:
2821:
2775:
2719:
2688:
2632:
2611:
2565:
2524:
2484:
2264:
2262:vulnerabilities
2255:
2172:
2065:(confederation)
2028:Charming Kitten
2009:
2002:
1938:Goatse Security
1898:
1862:
1836:
1827:Deloitte breach
1778:
1764:Dyn cyberattack
1712:
1671:
1642:Operation Tovar
1625:
1589:
1563:
1517:
1478:Major incidents
1473:
1444:
1441:
1402:
1375:
1370:
1369:
1360:
1358:
1342:
1341:
1337:
1328:
1326:
1312:
1311:
1307:
1298:
1296:
1282:
1281:
1277:
1268:
1266:
1253:
1252:
1245:
1236:
1234:
1221:
1220:
1216:
1207:
1205:
1189:
1188:
1184:
1175:
1173:
1159:
1158:
1154:
1145:
1143:
1129:
1128:
1124:
1115:
1113:
1097:
1096:
1092:
1083:
1081:
1065:
1064:
1060:
1051:
1049:
1033:
1032:
1028:
1019:
1017:
1001:
1000:
996:
987:
985:
971:
970:
966:
957:
955:
939:
938:
934:
925:
923:
907:
906:
902:
893:
891:
875:
874:
870:
861:
859:
843:
842:
838:
829:
827:
814:
813:
809:
800:
798:
784:
783:
779:
770:
768:
752:
751:
742:
733:
731:
717:
716:
709:
700:
698:
683:
682:
678:
669:
667:
652:
651:
647:
638:
636:
620:
619:
612:
603:
601:
585:
584:
577:
568:
566:
547:
546:
539:
530:
528:
512:
511:
507:
502:
497:
463:
400:
342:heap corruption
337:
237:vulnerability.
211:
201:exploit of the
100:
98:
95:
70:
64:fortified tower
42:
35:
28:
23:
22:
15:
12:
11:
5:
2949:
2947:
2939:
2938:
2933:
2928:
2918:
2917:
2913:
2912:
2889:
2888:
2885:
2884:
2882:
2881:
2876:
2871:
2866:
2861:
2856:
2851:
2845:
2843:
2839:
2838:
2836:
2835:
2829:
2827:
2823:
2822:
2820:
2819:
2814:
2809:
2804:
2799:
2794:
2789:
2783:
2781:
2777:
2776:
2774:
2773:
2768:
2763:
2758:
2753:
2748:
2743:
2738:
2733:
2727:
2725:
2721:
2720:
2718:
2717:
2712:
2707:
2702:
2696:
2694:
2690:
2689:
2687:
2686:
2681:
2676:
2671:
2666:
2661:
2656:
2651:
2649:Black Energy 3
2646:
2640:
2638:
2634:
2633:
2631:
2630:
2625:
2619:
2617:
2613:
2612:
2610:
2609:
2604:
2599:
2594:
2589:
2584:
2579:
2573:
2571:
2567:
2566:
2564:
2563:
2558:
2556:Metulji botnet
2553:
2548:
2543:
2538:
2532:
2530:
2526:
2525:
2523:
2522:
2517:
2512:
2510:Black Energy 2
2507:
2501:
2499:
2492:
2486:
2485:
2483:
2482:
2476:
2470:
2464:
2458:
2452:
2446:
2440:
2434:
2428:
2422:
2416:
2410:
2404:
2398:
2392:
2386:
2380:
2374:
2368:
2365:Broadcom Wi-Fi
2362:
2356:
2350:
2344:
2338:
2332:
2326:
2320:
2314:
2308:
2302:
2296:
2290:
2284:
2278:
2271:
2269:
2257:
2256:
2254:
2253:
2248:
2243:
2238:
2233:
2228:
2226:Junaid Hussain
2223:
2218:
2216:Jeremy Hammond
2213:
2211:Elliott Gunton
2208:
2203:
2198:
2193:
2188:
2182:
2180:
2174:
2173:
2171:
2170:
2165:
2160:
2155:
2150:
2145:
2143:Stealth Falcon
2140:
2135:
2130:
2125:
2120:
2118:PLA Unit 61486
2115:
2113:PLA Unit 61398
2110:
2108:Numbered Panda
2105:
2100:
2086:
2081:
2076:
2071:
2066:
2060:
2055:
2053:Equation Group
2050:
2045:
2040:
2035:
2030:
2025:
2020:
2014:
2012:
2004:
2003:
2001:
2000:
1995:
1990:
1985:
1980:
1975:
1970:
1965:
1960:
1955:
1950:
1945:
1940:
1935:
1930:
1925:
1924:
1923:
1912:
1910:
1904:
1903:
1900:
1899:
1897:
1896:
1891:
1886:
1881:
1876:
1870:
1868:
1864:
1863:
1861:
1860:
1855:
1850:
1844:
1842:
1838:
1837:
1835:
1834:
1829:
1824:
1819:
1818:
1817:
1807:
1802:
1797:
1792:
1786:
1784:
1780:
1779:
1777:
1776:
1771:
1766:
1761:
1756:
1751:
1746:
1741:
1736:
1731:
1726:
1720:
1718:
1714:
1713:
1711:
1710:
1705:
1700:
1695:
1690:
1685:
1679:
1677:
1673:
1672:
1670:
1669:
1664:
1659:
1654:
1649:
1644:
1639:
1633:
1631:
1627:
1626:
1624:
1623:
1618:
1613:
1608:
1603:
1597:
1595:
1591:
1590:
1588:
1587:
1582:
1577:
1571:
1569:
1565:
1564:
1562:
1561:
1556:
1551:
1546:
1544:HBGary Federal
1541:
1536:
1531:
1525:
1523:
1519:
1518:
1516:
1515:
1510:
1505:
1500:
1495:
1488:
1486:
1479:
1475:
1474:
1470:
1469:
1463:
1458:
1449:
1446:
1445:
1442:
1440:
1439:
1432:
1425:
1417:
1411:
1410:
1399:
1394:
1374:
1373:External links
1371:
1368:
1367:
1335:
1305:
1275:
1261:. 2019-05-21.
1243:
1229:. 2019-11-07.
1214:
1182:
1152:
1122:
1090:
1058:
1026:
994:
964:
932:
900:
868:
836:
822:. 2019-06-06.
820:Naked Security
807:
777:
740:
707:
693:. 2019-05-14.
676:
662:. 2019-05-14.
645:
610:
575:
537:
504:
503:
501:
498:
496:
495:
490:
485:
480:
475:
470:
464:
462:
459:
399:
396:
336:
333:
240:Both the U.S.
210:
207:
131:
130:
120:
116:
115:
110:
106:
105:
92:
88:
87:
78:
72:
71:
57:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
2948:
2937:
2934:
2932:
2929:
2927:
2924:
2923:
2921:
2911:
2906:
2901:
2897:
2880:
2877:
2875:
2872:
2870:
2867:
2865:
2862:
2860:
2857:
2855:
2852:
2850:
2847:
2846:
2844:
2840:
2834:
2831:
2830:
2828:
2824:
2818:
2815:
2813:
2810:
2808:
2805:
2803:
2800:
2798:
2795:
2793:
2790:
2788:
2785:
2784:
2782:
2778:
2772:
2769:
2767:
2764:
2762:
2759:
2757:
2754:
2752:
2749:
2747:
2744:
2742:
2739:
2737:
2734:
2732:
2729:
2728:
2726:
2722:
2716:
2713:
2711:
2708:
2706:
2703:
2701:
2698:
2697:
2695:
2691:
2685:
2682:
2680:
2679:Gameover ZeuS
2677:
2675:
2672:
2670:
2667:
2665:
2662:
2660:
2657:
2655:
2652:
2650:
2647:
2645:
2642:
2641:
2639:
2635:
2629:
2626:
2624:
2621:
2620:
2618:
2614:
2608:
2605:
2603:
2600:
2598:
2595:
2593:
2590:
2588:
2585:
2583:
2580:
2578:
2575:
2574:
2572:
2568:
2562:
2559:
2557:
2554:
2552:
2549:
2547:
2544:
2542:
2539:
2537:
2534:
2533:
2531:
2527:
2521:
2518:
2516:
2513:
2511:
2508:
2506:
2503:
2502:
2500:
2496:
2493:
2491:
2487:
2480:
2477:
2474:
2471:
2468:
2465:
2462:
2459:
2456:
2453:
2450:
2447:
2444:
2441:
2438:
2435:
2432:
2429:
2426:
2423:
2420:
2417:
2414:
2411:
2408:
2405:
2402:
2399:
2396:
2393:
2390:
2387:
2384:
2381:
2378:
2375:
2372:
2369:
2366:
2363:
2360:
2357:
2354:
2351:
2348:
2345:
2342:
2339:
2336:
2333:
2330:
2327:
2324:
2321:
2318:
2315:
2312:
2309:
2306:
2303:
2300:
2297:
2294:
2291:
2288:
2285:
2282:
2279:
2276:
2273:
2272:
2270:
2268:
2263:
2258:
2252:
2249:
2247:
2244:
2242:
2239:
2237:
2234:
2232:
2229:
2227:
2224:
2222:
2219:
2217:
2214:
2212:
2209:
2207:
2204:
2202:
2199:
2197:
2194:
2192:
2189:
2187:
2184:
2183:
2181:
2179:
2175:
2169:
2166:
2164:
2161:
2159:
2156:
2154:
2151:
2149:
2146:
2144:
2141:
2139:
2138:Rocket Kitten
2136:
2134:
2131:
2129:
2126:
2124:
2121:
2119:
2116:
2114:
2111:
2109:
2106:
2104:
2101:
2098:
2094:
2090:
2089:Lazarus Group
2087:
2085:
2082:
2080:
2077:
2075:
2072:
2070:
2067:
2064:
2061:
2059:
2056:
2054:
2051:
2049:
2046:
2044:
2041:
2039:
2036:
2034:
2031:
2029:
2026:
2024:
2021:
2019:
2016:
2015:
2013:
2011:
2005:
1999:
1996:
1994:
1991:
1989:
1986:
1984:
1981:
1979:
1976:
1974:
1971:
1969:
1966:
1964:
1961:
1959:
1956:
1954:
1951:
1949:
1946:
1944:
1941:
1939:
1936:
1934:
1931:
1929:
1926:
1922:
1919:
1918:
1917:
1914:
1913:
1911:
1909:
1905:
1895:
1892:
1890:
1887:
1885:
1882:
1880:
1877:
1875:
1872:
1871:
1869:
1865:
1859:
1856:
1854:
1851:
1849:
1846:
1845:
1843:
1839:
1833:
1832:Disqus breach
1830:
1828:
1825:
1823:
1820:
1816:
1813:
1812:
1811:
1808:
1806:
1803:
1801:
1798:
1796:
1793:
1791:
1788:
1787:
1785:
1781:
1775:
1772:
1770:
1767:
1765:
1762:
1760:
1757:
1755:
1752:
1750:
1747:
1745:
1742:
1740:
1737:
1735:
1732:
1730:
1727:
1725:
1722:
1721:
1719:
1715:
1709:
1706:
1704:
1701:
1699:
1696:
1694:
1691:
1689:
1686:
1684:
1681:
1680:
1678:
1674:
1668:
1665:
1663:
1660:
1658:
1655:
1653:
1650:
1648:
1645:
1643:
1640:
1638:
1635:
1634:
1632:
1628:
1622:
1619:
1617:
1614:
1612:
1609:
1607:
1606:Snapchat hack
1604:
1602:
1599:
1598:
1596:
1592:
1586:
1583:
1581:
1578:
1576:
1575:LinkedIn hack
1573:
1572:
1570:
1566:
1560:
1557:
1555:
1552:
1550:
1547:
1545:
1542:
1540:
1537:
1535:
1532:
1530:
1527:
1526:
1524:
1520:
1514:
1511:
1509:
1506:
1504:
1501:
1499:
1496:
1493:
1490:
1489:
1487:
1483:
1480:
1476:
1468: →
1467:
1464:
1462:
1459:
1457:
1454:←
1453:
1452:
1447:
1438:
1433:
1431:
1426:
1424:
1419:
1418:
1415:
1409:
1405:
1400:
1398:
1395:
1392:
1388:
1384:
1380:
1377:
1376:
1372:
1356:
1352:
1351:
1346:
1339:
1336:
1324:
1320:
1316:
1309:
1306:
1294:
1290:
1286:
1279:
1276:
1264:
1260:
1256:
1250:
1248:
1244:
1232:
1228:
1224:
1218:
1215:
1203:
1199:
1198:
1193:
1186:
1183:
1171:
1167:
1163:
1156:
1153:
1141:
1137:
1133:
1126:
1123:
1111:
1107:
1106:
1101:
1094:
1091:
1079:
1075:
1074:
1069:
1062:
1059:
1047:
1043:
1042:
1037:
1030:
1027:
1015:
1011:
1010:
1005:
998:
995:
983:
979:
975:
968:
965:
953:
949:
948:
943:
936:
933:
921:
917:
916:
911:
904:
901:
889:
885:
884:
879:
872:
869:
857:
853:
852:
847:
840:
837:
825:
821:
817:
811:
808:
796:
792:
788:
781:
778:
766:
762:
761:
756:
749:
747:
745:
741:
729:
725:
721:
714:
712:
708:
696:
692:
691:
686:
680:
677:
665:
661:
660:
655:
649:
646:
634:
630:
629:
624:
617:
615:
611:
599:
595:
594:
589:
582:
580:
576:
564:
560:
559:
554:
550:
544:
542:
538:
526:
522:
521:
516:
509:
506:
499:
494:
491:
489:
486:
484:
481:
479:
476:
474:
471:
469:
466:
465:
460:
458:
456:
452:
448:
444:
440:
436:
431:
429:
425:
421:
417:
413:
409:
408:Windows Vista
405:
397:
395:
393:
389:
385:
381:
377:
373:
369:
365:
361:
357:
356:Windows Vista
353:
349:
347:
343:
334:
332:
329:
326:
324:
318:
316:
312:
308:
303:
301:
297:
293:
288:
286:
282:
278:
274:
270:
266:
261:
259:
255:
251:
247:
243:
238:
236:
232:
228:
224:
220:
216:
208:
206:
204:
200:
196:
192:
188:
184:
180:
176:
172:
168:
163:
161:
157:
153:
149:
145:
141:
137:
129:
125:
121:
117:
114:
111:
107:
93:
89:
86:
82:
79:
77:
73:
69:
66:built within
65:
61:
55:
50:
44:
40:
33:
19:
2623:CryptoLocker
2472:
2377:DoublePulsar
2196:Cyber Anakin
2186:Ryan Ackroyd
2079:Helix Kitten
2074:Hacking Team
2069:Guccifer 2.0
1943:Lizard Squad
1759:Surkov leaks
1688:Hacking Team
1359:. Retrieved
1348:
1338:
1327:. Retrieved
1318:
1308:
1297:. Retrieved
1288:
1283:Tung, Liam.
1278:
1267:. Retrieved
1259:McAfee Blogs
1258:
1235:. Retrieved
1226:
1217:
1206:. Retrieved
1195:
1185:
1174:. Retrieved
1165:
1155:
1144:. Retrieved
1135:
1125:
1114:. Retrieved
1103:
1093:
1082:. Retrieved
1071:
1061:
1050:. Retrieved
1041:Ars Technica
1039:
1029:
1018:. Retrieved
1007:
997:
986:. Retrieved
977:
967:
956:. Retrieved
945:
935:
924:. Retrieved
913:
903:
892:. Retrieved
881:
871:
860:. Retrieved
849:
839:
828:. Retrieved
819:
810:
799:. Retrieved
790:
780:
769:. Retrieved
760:Ars Technica
758:
732:. Retrieved
723:
699:. Retrieved
688:
679:
668:. Retrieved
657:
648:
637:. Retrieved
628:Ars Technica
626:
602:. Retrieved
591:
567:. Retrieved
556:
551:(May 2019).
529:. Retrieved
518:
508:
432:
401:
392:Windows 2000
350:
338:
330:
327:
319:
306:
304:
289:
285:Group Policy
262:
239:
212:
186:
182:
167:Windows 2000
164:
135:
134:
126:versions of
91:Date patched
43:
2859:NetTraveler
2797:LogicLocker
2705:Hidden Tear
2602:Red October
2461:Dragonblood
2371:EternalBlue
2335:Stagefright
2201:George Hotz
2178:Individuals
1928:CyberBerkut
493:EternalBlue
428:end-of-life
250:EternalBlue
2920:Categories
2802:Rensenware
2787:BrickerBot
2715:TeslaCrypt
2505:Bad Rabbit
2455:Foreshadow
2359:Cloudbleed
2311:Row hammer
2293:Shellshock
2287:Heartbleed
2275:Evercookie
2251:The Jester
2133:Red Apollo
2093:BlueNorOff
2063:GOSSIPGIRL
2058:Fancy Bear
2048:Elfin Team
2043:DarkMatter
2038:Dark Basin
2023:Bureau 121
1983:Teamp0ison
1908:Hacktivism
1539:DNSChanger
1361:2019-07-17
1329:2019-06-20
1299:2019-06-20
1269:2019-06-19
1237:2019-11-09
1208:2019-11-03
1176:2019-11-13
1146:2019-08-01
1136:Rapid7.com
1116:2019-07-26
1084:2019-07-25
1052:2019-07-23
1020:2019-07-02
988:2019-07-01
958:2019-07-02
926:2019-06-01
894:2019-05-31
862:2019-05-31
851:TechCrunch
830:2019-06-20
801:2019-06-20
771:2019-05-31
734:2019-06-20
701:2019-05-28
670:2019-05-29
639:2019-09-06
604:2019-08-13
569:2019-06-07
531:2019-06-07
500:References
404:Windows XP
398:Mitigation
384:Windows 11
380:Windows 10
352:Windows XP
315:Windows 10
229:and is a "
199:Metasploit
195:Windows 10
179:Windows XP
109:Discoverer
101:2019-05-14
2833:VPNFilter
2710:Rombertik
2674:FinFisher
2664:DarkHotel
2628:DarkSeoul
2536:Coreflood
2401:BlueBorne
2353:Dirty COW
2267:disclosed
2265:publicly
2103:NSO Group
2033:Cozy Bear
1973:PayPal 14
1916:Anonymous
1790:SHAttered
1534:DigiNotar
1391:Microsoft
1227:Microsoft
791:The Verge
690:Microsoft
659:Microsoft
558:Microsoft
549:Microsoft
412:Windows 7
376:Windows 8
360:Windows 7
335:Mechanism
311:Windows 7
227:2019-0708
219:Microsoft
191:Windows 7
175:Windows 7
152:Microsoft
144:2019-0708
124:Windows 8
85:2019-0708
32:Dejà Blue
2874:Titanium
2817:XafeCopy
2812:WannaCry
2741:KeRanger
2669:Duqu 2.0
2654:Carbanak
2473:BlueKeep
2449:SigSpoof
2407:Meltdown
2323:WinShock
2305:Rootpipe
2206:Guccifer
2128:Pranknet
2123:PLATINUM
2097:AndAriel
2008:Advanced
1963:NullCrew
1948:LulzRaft
1848:Trustico
1461:Timeline
1355:Archived
1323:Archived
1293:Archived
1263:Archived
1231:Archived
1202:Archived
1170:Archived
1140:Archived
1110:Archived
1078:Archived
1046:Archived
1014:Archived
982:Archived
952:Archived
920:Archived
888:Archived
856:Archived
824:Archived
795:Archived
765:Archived
728:Archived
695:Archived
664:Archived
633:Archived
598:Archived
563:Archived
525:Archived
461:See also
307:DejaBlue
258:WannaCry
254:NotPetya
231:wormable
203:wormable
183:DejaBlue
169:through
136:BlueKeep
47:BlueKeep
39:BlueBEEP
18:DejaBlue
2771:X-Agent
2761:Pegasus
2644:Brambul
2607:Shamoon
2551:Kelihos
2541:Alureon
2520:Stuxnet
2490:Malware
2443:TLBleed
2425:Exactis
2413:Spectre
2347:Badlock
2281:iSeeYou
2246:Topiary
1978:RedHack
1968:OurMine
1953:LulzSec
1408:YouTube
883:Gizmodo
292:malware
223:Twitter
209:History
146:) is a
99: (
68:castles
2896:Portal
2854:Joanap
2807:Triton
2746:Necurs
2736:Jigsaw
2731:Hitler
2700:Dridex
2659:Careto
2582:Dexter
2515:SpyEye
2481:(2019)
2475:(2019)
2469:(2019)
2463:(2019)
2457:(2018)
2451:(2018)
2445:(2018)
2439:(2018)
2433:(2018)
2427:(2018)
2421:(2018)
2415:(2018)
2409:(2018)
2403:(2017)
2397:(2017)
2391:(2017)
2385:(2017)
2379:(2017)
2373:(2017)
2367:(2017)
2361:(2017)
2355:(2016)
2349:(2016)
2343:(2016)
2337:(2015)
2331:(2015)
2329:JASBUG
2325:(2014)
2319:(2014)
2313:(2014)
2307:(2014)
2301:(2014)
2299:POODLE
2295:(2014)
2289:(2014)
2283:(2013)
2277:(2010)
2260:Major
2241:Track2
2163:xDedic
1993:UGNazi
1350:Sophos
1009:Sophos
915:Forbes
451:Sophos
422:, and
370:, and
300:Sophos
2869:Tinba
2756:Mirai
2684:Regin
2597:Mahdi
2592:Flame
2577:Carna
2561:Stars
2479:Kr00k
2419:EFAIL
2389:KRACK
2341:DROWN
1466:2020s
1456:2000s
1319:ZDNet
1289:ZDNet
1197:Wired
1166:ZDNet
1073:ZDNet
947:ZDNet
724:ZDNet
593:Wired
520:ZDNet
187:newer
2864:R2D2
2849:Grum
2842:2019
2826:2018
2792:Kirk
2780:2017
2751:MEMZ
2724:2016
2693:2015
2637:2014
2616:2013
2570:2012
2546:Duqu
2529:2011
2498:2010
2236:Sabu
1988:TDO
1933:GNAA
1867:2019
1841:2018
1783:2017
1717:2016
1676:2015
1630:2014
1594:2013
1568:2012
1522:2011
1485:2010
1387:HERE
1385:and
1383:HERE
1105:Vice
439:port
382:and
275:and
256:and
173:and
122:pre-
62:, a
60:keep
2587:FBI
2231:MLT
2095:) (
1406:on
455:VPN
443:TCP
269:RDP
154:'s
140:CVE
81:CVE
2922::
1393:).
1381:,
1353:.
1347:.
1321:.
1317:.
1291:.
1287:.
1257:.
1246:^
1225:.
1200:.
1194:.
1168:.
1164:.
1138:.
1134:.
1108:.
1102:.
1076:.
1070:.
1044:.
1038:.
1012:.
1006:.
980:.
976:.
950:.
944:.
918:.
912:.
886:.
880:.
854:.
848:.
818:.
793:.
789:.
763:.
757:.
743:^
726:.
722:.
710:^
687:.
656:.
631:.
625:.
613:^
596:.
590:.
578:^
561:.
555:.
540:^
523:.
517:.
457:.
418:,
414:,
410:,
406:,
394:.
378:,
366:,
362:,
358:,
354:,
287:.
260:.
233:"
162:.
2898::
2099:)
2091:(
1436:e
1429:t
1422:v
1389:(
1364:.
1332:.
1302:.
1272:.
1240:.
1211:.
1179:.
1149:.
1119:.
1087:.
1055:.
1023:.
991:.
961:.
929:.
897:.
865:.
833:.
804:.
774:.
737:.
704:.
673:.
642:.
607:.
572:.
534:.
441:(
321:"
142:-
138:(
103:)
83:-
41:.
34:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.