FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT.

Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins.

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT.

Exploits spreading WannaCry ransomware have surfaced after the discovery of a killswitch put a quick halt to the initial global outbreak.

Attackers behind today’s WannaCry ransomware outbreak in Europe are spreading the malware using the EternalBlue exploit leaked by the ShadowBrokers.