A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
CVE-2020-0796 Base Score: 10.0 CRITICAL
Allows for unauthenticated code execution, at first it was local, but remote code execution POCs have been published now.
Michigan State University was ransomed via CVE-2020-0796 (SMBv3 pre-auth execution) and the story mentioned Netwalker.
NetWalker Ransomware Operators Targets Columbia College of Chicago
Once again, the Net-Walker ransomware operators trap a big fish in their net. In this instance, they targeted the Columbia College of Chicago and leaked their confidential data online.