Security experts have been warning about bad actors soon developing exploits for a BlueKeep vulnerability that was patched by Microsoft earlier this month. Exploits in the wild are likely closer than ever after one security company spotted a huge uptick in scanning for BlueKeep over the weekend.
The Department of Homeland Security and the Federal Bureau of Investigation issued a security alert warning bad actors are using SamSam ransomware to target industries across the United States and worldwide.
Microsoft issued new security guidance on the Credential Security Support Provider protocol (CredSSP) vulnerability (CVE-2018-0886) that could allow remote code execution. As part of the updates, Microsoft plans to soon prevent un-patched RDP clients (that uses CredSSP) from authenticating to Windows.