Microsoft today warned that the Iranian-backed MuddyWater cyber-espionage group was observed using ZeroLogon exploits in multiple attacks during the last two weeks. The ongoing attacks exploiting the critical, 10/10-rated CVE-2020-1472 security flaw were spotted by Microsoft’s Threat Intelligence Center. Microsoft issued a similar warning last month, on September 23, urging IT admins to apply the security updates issued as part of the August 2020 Patch Tuesday to defend against attacks using public ZeroLogon exploits.
Source: https://www.bleepingcomputer.com/news/security/microsoft-iranian-hackers-actively-exploiting-windows-zerologon-flaw/

