• BlueKeep now being used in attacks – but the sky isn’t falling

    Remember BlueKeep – the “wormable” monster infection that was supposed to take over the Windows world?

    Two months ago, I warned that there was a working exploit making the rounds.

    We finally saw a slightly modified version of that Metasploit exploit used in a for-real infection. Except it isn’t nearly as scary as originally projected, doesn’t operate as a worm, and isn’t exactly taking the world by storm.

    Kevin Beaumont found evidence of the infection in some honeypots he set up – but had stopped monitoring.

    As expected, folks who have either disabled RDP or blocked port 3389 are fine. Still…

    Word to the wise: If you haven’t updated your Win7 or Server 2008/Server 2008R2 machine since May, you better get on the stick.

    See, there’s a reason why you have to update sooner or later.

    Full details from Catalin Cimpanu at ZDNet. Thx GoneToPlaid (who just had a Tesla mode named after him).