Get a Pentest and security assessment of your IT network.

Cyber Security

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors

Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks. Exploiting the bug allows an unauthenticated attacker, with network access to a domain controller, to completely compromise Active Directory identity services. Microsoft released a patch for the Zerologon vulnerability as part of its August 11, 2020 Patch Tuesday security updates. The bug is located in a core authentication component of Active Directory within the Windows Server OS and the Microsoft Windows Netlogon Remote Protocol (MS-NRPC)

Source: https://threatpost.com/microsoft-zerologon-attack-iranian-actors/159874/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation