Ransomware gang now using critical Windows flaw in attacks
Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.
Over the years, the actor has been involved in attacks delivering a wide variety of malware, from backdoors to ransomware.
With TA505 involved in big-money ransomware business, organizations should prioritize applying security patches for this vulnerability as attacks similar to what Microsoft described are likely to occur with increased frequency.
With exploit code released since mid-September, threat actors moved quickly to incorporate it in their attacks.
Microsoft first sounded the alarm on September 23, when it saw ZeroLogon actively exploited in attacks.