Collaborate Disseminate
Researchers have new discovered a new Common Vulnerability & Exposure (CVE) called Zerologon. According to, Microsoft’s Security Update Aug. 11: “The elevation of privilege vulnerability for Zerologon, or CVE-2020-147, exists when an attacker esta… Continue reading Beware of Zerologon Vulnerabilities in Windows Server
Microsoft has just announced a way to disable JScript in Internet Explorer. This would have been very useful a few years ago, to proactively prevent problems found in the now-ancient JScript engine, which ran their own slightly different version of standard JavaScript. Even though IE is no longer under active …read more
Continue reading This Week in Security: Too Little Too Late, and Other Stories
The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities. Continue reading Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours. Continue reading Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack
Cybercriminals are chaining Microsoft’s Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns. Continue reading Election Systems Under Attack via Microsoft Zerologon Exploits
The post Microsoft Domain Controller “ZeroLogon” and RCE Vulnerabilities Test appeared first on Digital Defense, Inc..
The post Microsoft Domain Controller “ZeroLogon” and RCE Vulnerabilities Test appeared first on Security Boulevard.
Continue reading Microsoft Domain Controller “ZeroLogon” and RCE Vulnerabilities Test
Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10… Continue reading Zerologon: Tripwire Industrial Visibility Threat Definition Update Released
A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, October 2020.
COVID-19 wasn’t the only virus seriously disrupting the start of the new UK academic year, … Continue reading Cyber Security Roundup for October 2020
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged. Continue reading Zerologon Attacks Against Microsoft DCs Snowball in a Week
Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest. Continue reading Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw