WannaCry s ransom note
Where were you on May 12, 2017? For many cybersecurity professionals, the answer is trying to contain the fallout from WannaCry, the ransomware that on that day began hitting organizations worldwide.
WannaCry spread quickly because it included an exploit for a widespread flaw in Windows Server Message Block version 1, aka EternalBlue. The flaw, CVE-2017-0143, was long ago patched by Microsoft - in fact, shortly before WannaCry appeared - via its MS17-010 security update. If we leave such types of vulnerabilities unpatched for too long, what else are we doing?
So it s concerning that as security firms in recent weeks have been recapping top trends from 2020, one particular strain of malware and one particular vulnerability continue to loom large: WannaCry and EternalBlue.