Security News > 2020 > October > Ransomware gang now using critical Windows flaw in attacks
2020-10-09 03:33
Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.
Over the years, the actor has been in attacks delivering a wide variety of malware, from backdoors to ransomware.
With TA505 involved in big-money ransomware business, organizations should prioritize applying security patches for this vulnerability as attacks similar to what Microsoft described are likely to occur with increased frequency.
With exploit code that released since mid-September, threat actors moved quickly to incorporating it in their attacks.
Microsoft first sounded the alarm on September 23, when it saw ZeroLogon actively exploited in attacks.
News URL
Related news
- Ransomware on ESXi: The mechanization of virtualized attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- OneBlood confirms personal data stolen in July ransomware attack (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M (source)
- Medusa ransomware group claims attack on UK's Gateshead Council (source)
- Ransomware attack forces Brit high school to shut doors (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Only 13% of organizations fully recover data after a ransomware attack (source)