Home → News → FBI/DHS: Government Systems Face Threat From Zerologon... → Full Text

FBI/DHS: Government Systems Face Threat From Zerologon Exploits

By Ars Technica

October 16, 2020

[article image]

The U.S. Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency have detected attackers exploiting a Windows vulnerability (Zerologon) against state and local governments, in some cases threatening election systems.

Members of unspecific advanced persistent threats are using Zerologon to grant hackers who already have infiltrated susceptible networks access to domain controllers, which allocate new accounts and manage current ones.

To gain initial access, attackers are exploiting flaws in firewalls, virtual private networks, and other products from companies like Juniper, Pulse Secure, Citrix, and Palo Alto Networks.

Patches were issued for all the identified vulnerabilities, but FBI and DHS warned not everyone has installed them.

From Ars Technica
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found