Bluekeep Threat hunting

The BlueKeep Attack, a successful attack!!!

Based on Microsoft security researcher’s estimation, nearly 1.5 million devices were vulnerable to BlueKeep (CVE-2019-0708, a critical vulnerability in remote desktop services). The estimation demonstrates how such a theoretical attack could be of a similar scale to WannaCry #EternalBlue #PetyaNotPetya. BlueKeep is also “wormable”. This means that the threats exploiting this vulnerability can propagate similar…