Palo Alto Networks

ETERNALBLUE

A Dissection of the “EsteemAudit” Windows Remote Desktop Exploit

A Dissection of the “EsteemAudit” Windows Remote Desktop Exploit

In April, a group known as the “Shadow Brokers” released a cache of stolen information that included multiple tools to exploit vulnerabilities in various versions of Microsoft Windows. The most famous of these is an exploit tool called “EternalBlue” which was repurposed to spread the WanaCrypt0r ransomware/worm earlier this mont...

Unit 42
May 31, 2017
By 

Palo Alto Networks

Announcements
Company & Culture
Points of View
Public Sector
Products and Services
Partners

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links