Election Systems Under Attack via Microsoft Zerologon Exploits (October 2020)
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.
The advisory details how attackers are chaining together various vulnerabilities and exploits - including using VPN vulnerabilities to gain initial access and then Zerologon as a post-exploitation method - to compromise government networks.
With the U.S. November presidential elections around the corner - and cybercriminal activity subsequently ramping up to target election infrastructure and presidential campaigns - election security is top of mind.
Microsoft released a patch for the Zerologon vulnerability as part of its August 11, 2020 Patch Tuesday security updates.
The advisory comes as exploitation attempts against Zerologon spike, with Microsoft recently warning of exploits by an advanced persistent threat actor, which the company calls MERCURY. Cisco Talos researchers also recently warned of a spike in exploitation attempts against Zerologon.
News URL
https://threatpost.com/election-systems-attack-microsoft-zerologon/160021/