Ransomware gang now using critical Windows flaw in attacks (October 2020)

Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.
Over the years, the actor has been involved in attacks delivering a wide variety of malware, from backdoors to ransomware.
With TA505 involved in big-money ransomware business, organizations should prioritize applying security patches for this vulnerability as attacks similar to what Microsoft described are likely to occur with increased frequency.
With exploit code available since mid-September, threat actors moved quickly to incorporate it into their attacks.
Microsoft first sounded the alarm on September 23, when it saw ZeroLogon actively exploited in attacks.