Zerologon Attacks Against Microsoft DCs Snowball in a Week


A spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, known as the Zerologon bug, continues to plague businesses.

That’s according to researchers from Cisco Talos, who warned that cybercriminals are redoubling their efforts to trigger the elevation-of-privilege bug in the Netlogon Remote Protocol, which was addressed in the August Microsoft Patch Tuesday report. Microsoft announced last week that it had started observing active exploitation in the wild: “We have observed attacks where public exploits have been incorporated into attacker playbooks,” the firm tweeted on Wednesday.

Read more…
Source: ThreatPost