Microsoft Patch Tuesday, February 2021 Edition

Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.

Critical MobileIron RCE Flaw Under Active Attack

Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.

Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours.

Election Systems Under Attack via Microsoft Zerologon Exploits

Cybercriminals are chaining Microsoft’s Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors

Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.

Zerologon Attacks Against Microsoft DCs Snowball in a Week

The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

Feds Yell PATCH NOW over Windows AD ‘Zerologon’ Vuln

CISA sent an unusual warning late last week. The source of their fears? The Zerologon vulnerability, disclosed last week.
The post Feds Yell PATCH NOW over Windows AD ‘Zerologon’ Vuln appeared first on Security Boulevard.

DHS Issues Dire Patch Warning for ‘Zerologon’

The deadline looms for the U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability.

Detecting Zerologon (CVE-2020-1472) with Zeek

By Yacin Nadji, Corelight Security Researcher

CVE-2020-1472 aka Zerologon, disclosed by Tom Tervoort of Secura, is an illustrative case study of how a small implementation mistake in cryptographic routines cascades into a privilege escalation vulnerabi…