Security News > 2020 > October > Ransomware gang now using critical Windows flaw in attacks
Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.
Over the years, the actor has been in attacks delivering a wide variety of malware, from backdoors to ransomware.
With TA505 involved in big-money ransomware business, organizations should prioritize applying security patches for this vulnerability as attacks similar to what Microsoft described are likely to occur with increased frequency.
With exploit code that released since mid-September, threat actors moved quickly to incorporating it in their attacks.
Microsoft first sounded the alarm on September 23, when it saw ZeroLogon actively exploited in attacks.
News URL
Related news
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Ransomware attacks escalate as critical sectors struggle to keep up (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- Ransomware batters critical industries, but takedowns hint at relief (source)