Hey kid, WannaCry?: A year after WannaCry, EternalBlue is bigger than ever - Sensationalist Headlines

https://www.bleepingcomputer.com/news/security/one-year-after-wannacry-eternalblue-exploit-is-bigger-than-ever/ But the initial version of EternalBlue wasn't perfect. It only worked on Windows 7 and Windows Server 2008 and crashed on Windows XP. EternalBlue did a lot of damage during WannaCry, but there were very few malware authors that knew how to use it. This is why, according to ESET, that shortly after WannaCry, EternalBlue usage declined tremendously. This threat doesn't only come from malware authors continuing to weaponize it for a diverse set of operations. Malware authors wouldn't ever bother with an inefficient exploit. ExploitBlue continues to be a threat because of the vulnerable machines still available online. According to Nate Warfield of the Microsoft Security Response Center, there are still plenty of vulnerable Windows systems exposing their SMB service available online. Almost a year after WannaCry and there's still over a million SMB servers without auth exposed to the world. At least it looks like "only" 66k of them are running Windows pic.twitter.com/ZBlPA0SJU2 — Nate Warfield (@dk_effect) May 11, 2018 And this isn't including EternalRocks or EternalRomance Basically: Patch your shit, folks. Else big blue gonna get you.

Watch as the NHS can't afford to upgrade and gets attacked again

Then obviously they were not running efficiently enough and we should cut their funding more, that'll show 'em!

My malware bytes sub just ran out and of course I have no job to pay for another. I feel naked now.

Almost a year after WannaCry and there's still over a million SMB servers without auth exposed to the world. At least it looks like "only" 66k of them are running Windows pic.twitter.com/ZBlPA0SJU2 — Nate Warfield (@dk_effect) May 11, 2018 This is a bit misleading. While it's really bad practice to leave SMB servers without auth available to the public Internet, that does not necessarily mean that it's vulnerable to any particular exploit.

Not getting viruses as a personal user is so fucking easy that if you need paid AV you're doing something very wrong tbh.

I am careful, but I still feel better knowing I have an AM watching over things cause shit happens no matter how cautious you are. No reason to be snide about it.

A free AV will do a pretty similar job, just about as well. I personally roll Malware Bytes free for the most part and use other utilities for boot scans, etc, have NoScript and uBlock Origin. I run a complete virus scan once a month or so, I've had a total of 1 result in the last 4 years and it was a false positive for a noCD crack I had used after installing an old game I own via CD because the noCD crack made the game work on win10.

Can tell you that at least, its been right hell for them, with pushed budgets they've been pressed for rolling out new equipment for years, wannacry was a kick in the ass for management to finally give them fucking funding to do it. I can list hospitals I know that have done complete rollouts to their entire systems to protect them from shit like wannacry again if you want, its intensive as hell and its actually put my dad into the fucking hospital he is working at over the stress its caused. If any hospital gets attacked again, it'll be one like Stanford and Rutland Hospital where their "solution" for this is literally a room full of tapes and a reader, for their entire network. If they get hit, it'll take them months to get back to where they were, and their management thinks that's A OK. Between mis-management and funding cuts, the NHS is a mess but most of it can be blamed on funding cuts.

B-but I am using my PC 23 hours a day and I can't be bothered with rebooting it once in a while manually, so I downloaded that registry file to remove mentiones of updates. And then I am gonna go rant on Reddit after Windows is gonna get tired of my shit and just forces me to update.

Should have bought a lifetime license when you could, they're still avaliable.

The true Windows experience™

Regardless of how careful you are, you should always have antimalware services running to be safe. Security isn't a matter of perfect guarantees. It's a matter of lowering probabilities and the probability is never zero.

Yeah, and as I said, a free AV does that to a perfectly functional level.