What we know so far about Byata. 🔗Summary 🔗Yes, this is bad — real bad — this is another ransom-ware leveraging SMB network kernel vulnerabilities to spread on the local network. The exploit used is based on ETERNALBLUE NSA’s exploit leaked by TheShadowBrokers in April, 2017. Similar to WannaCry. No kill-switch this time. (& stop hoping for one) Update: The initial infection vector seem to have been a rogue update pushed by the attackers via the Ukranian accounting softwar...
