EternalBlue

EternalBlue is one of the handful of “exploitation tools” leaked by a group called The Shadow Brokers (TSB) that take advantage of weaknesses in how Windows implemented the Server Message Block (SMB) protocol. The WannaCry and NotPetya ransomware strains used this exploit to target unpatched systems.

For more information, see this blog post on how threat actors are using SMB vulnerabilities in their attack campaigns.

Select your language