Security News > 2020 > October > Election Systems Under Attack via Microsoft Zerologon Exploits
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.
The advisory details how attackers are chaining together various vulnerabilities and exploits - including using VPN vulnerabilities to gain initial access and then Zerologon as a post-exploitation method - to compromise government networks.
With the U.S. November presidential elections around the corner - and cybercriminal activity subsequently ramping up to target election infrastructure and presidential campaigns - election security is top of mind.
Microsoft released a patch for the Zerologon vulnerability as part of its August 11, 2020 Patch Tuesday security updates.
The advisory comes as exploitation attempts against Zerologon spike, with Microsoft recently warned of exploits by an advanced persistent threat actor, which the company calls MERCURY. Cisco Talos researchers also recently warned of a spike in exploitation attempts against Zerologon.
News URL
https://threatpost.com/election-systems-attack-microsoft-zerologon/160021/
Related news
- New DoubleClickjacking attack exploits double-clicks to hijack accounts (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- New Web3 attack exploits transaction simulations to steal crypto (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)