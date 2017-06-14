WannaCry (using the purloined exploit kit ETERNALBLUE) was paused, for now. Heroic efforts from security practitioners around the world (and a congratulations to @malwaretech for finding the “kill switch” domain!) So, what’s next? In a word, Linux.

Expanding on that, we must be aware of the many embedded systems that use linux. Include routers, POS terminals, lots of medical equipment, TVs, cameras, and pretty much every smart device you can think of, as well as web platforms in the cloud and within the organisation.

This graphic is from a Shodan search, taking a look at the machines running Linux with open Samba ports. There are a lot reported out there (and probably more obscured from a simple scan view). Recently, news appeared online of a younger sibling for the sensational vulnerability ETERNALBLUE. The story was about a new vulnerability for Unix and Linux-based systems – ETERNALRED (aka SambaCry). This vulnerability has been in existence since 2010 and has only recently been fixed in the latest distribution releases.

via the fine folks at Gartner