EternalBlue, the stolen exploit lifted from the NSA by hacking group ‘Shadow Brokers’? You remember, the headlines from 2017, it targeted older versions of Windows and gave life to the malware known as WannaCry?
Researchers from RiskSense have now discovered similar exploits, that can be used to target all versions of Windows. To maintain the existing category, the threats are called EternalChampion, EternalRomance and EternalSynergy.
Mark James, ESET IT Security Specialist, discusses the danger of older exploits being repurposed to target new vulnerabilities.
“One of the problems with digital exploits is the ability to tailor them for current or future use. Although the original attack method may stop working, it may only take a small tweak in the code to recast it as a formidable weapon for reuse.”
“When it comes to protecting your environment one of the key pieces of advice is keeping your operating system and all your applications patched and up-to-date.”
“The worry is that you wave the advice away because it constantly pops up, but in some cases it really could mean the difference between getting compromised or not. Most exploits rely on an unpatched system, once it’s patched that entry (point) is gone.”
“Keeping your system up-to-date these days is not that difficult, programmes both free and paid for will help you make it easier and in most cases, will nudge or inform you about updates and when best to install them.”
To learn more about how ESET addresses updates and patch management click here