"regdrv.exe" delivered via SMB EternalBlue exploit, adds "Security Fix" rule disabling SMB (and talks to server in Russia)

Map. History of Cyberwar conflict

28 May 2017