The U.S. Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency have detected attackers exploiting a Windows vulnerability (Zerologon) against state and local governments, in some cases threatening election systems.
Members of unspecific advanced persistent threats are using Zerologon to grant hackers who already have infiltrated susceptible networks access to domain controllers, which allocate new accounts and manage current ones.
To gain initial access, attackers are exploiting flaws in firewalls, virtual private networks, and other products from companies like Juniper, Pulse Secure, Citrix, and Palo Alto Networks.
Patches were issued for all the identified vulnerabilities, but FBI and DHS warned not everyone has installed them.
From Ars Technica
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA