The security hole exploited by WannaCry is still alive, four years later Lock

The protocol which was exploited by the WannaCry ransomware to encrypt nearly a quarter of a million systems around the world four years ago is still being used in enterprise IT environments according to new research from ExtraHop.

The network detection and response firm’s threat research team first began looking into the prevalence of insecure protocols such as Server Message Block version one (SMBv1), Link-Local Multicast Name Resolutions (LLMNR), NT Lan Manager (NTLMv1) and Hypertext Transfer Protocol (HTTP) in enterprise IT environments earlier this year.