eternalblue
Safeguard articles tagged "eternalblue" — guides, analysis, and best practices for software supply chain and application security.
5 articles
EternalBlue (CVE-2017-0144) Explained: The SMBv1 Flaw Behind WannaCry
CVE-2017-0144 is the SMBv1 remote code execution bug that powered WannaCry and NotPetya. Here is how the EternalBlue exploit works, why it spread, and how to stay clear of it today.
What is EternalBlue
EternalBlue (CVE-2017-0144) turned a patched SMBv1 flaw into WannaCry and NotPetya. Here is the exploit, timeline, and remediation, explained.
EternalBlue SMBv1 RCE (CVE-2017-0144)
EternalBlue (CVE-2017-0144) turned a Windows SMBv1 flaw into WannaCry and NotPetya. Here's the risk context, timeline, and fix.
NotPetya's Origin: A Supply Chain Story From Ukraine
NotPetya is remembered as ransomware. It was not. It was a supply chain wiper that detonated through Ukrainian tax software in June 2017.
WannaCry's Supply Chain Dimensions
WannaCry was not a supply chain attack in the usual sense. Its real supply chain story is EternalBlue, NSA leaks, and the patch cycle.