viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
Hackers are using a severe Windows bug to backdoor unpatched servers
Technology

Hackers are using a severe Windows bug to backdoor unpatched servers

21/10/2020

“The takeaway for me is attackers are spraying the Internet to provide backdoors into unpatched Active Directory systems in an automated fashion,” Beaumont told Ars. “That isn’t great news. It’s not super sophisticated, but these attackers are doing something effective—which is usually more problematic.”

Friday’s findings are the most detailed yet about in-the-wild attacks that exploit the critical vulnerability. Late last month and again earlier this month Microsoft warned that Zerologon was under active attack by hackers, some or all of them part of a threat group dubbed Mercury, which has ties to the Iranian government. A few weeks ago, Beaumont’s honeypot also detected exploit attempts.

Researchers gave the vulnerability the name Zerologon because attacks work by sending a string of zeros in a series of messages that use the Netlogon protocol, which Windows servers rely on for a variety of tasks, including allowing end users to log in to a network.

People with no authentication can use the exploit to gain domain administrative credentials, as long as the attackers have the ability to establish TCP connections with a vulnerable domain controller. In some cases, attackers may use a separate vulnerability to gain a foothold inside a network and then exploit Zerologon to take over the domain controller, the Department of Homeland Security’s cybersecurity arm—the Cybersecurity and Infrastructure Security Agency—said last Friday. The agency said exploits were threatening government-controlled election systems.

To be effective, honeypots generally must let down defenses that are standard on many networks. In that sense, they can give a one-sided view of what’s happening in the real world. Beaumont’s results are nevertheless illustrative both of the effectiveness of current Zerologon attacks and the concerning results they achieve.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

Bombay Play raises $1 million for social games as India’s game studios blossom
Bombay Play, a Bangalore, India-based game studio, has raised $1 …

Bombay Play raises $1 million for social games as India’s game studios blossom

Beat Saber is now an Oculus studio after Facebook acquisition
TechCrunch ist jetzt Teil der Verizon Media-Familie. Wir (Verizon Media) …

A smaller, cheaper version of Qoobo, the robotic cat pillow, is on the way

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • TechCrunch’s Favorite Things of 2019
    Kids with lazy eye can be treated …
    14/01/2020
  • GamesBeat Decides 140: Are they going to cancel E3?
    GamesBeat Decides 140: Are they going to …
    05/03/2020
  • Jeremy’s 2020 Apple predictions: Save your money for these new devices
    If Apple’s 5G iPhone plans are still …
    14/02/2020
  • AI buggy training
    AI training helps remote-controlled buggy negotiate rugged …
    11/04/2020
  • Google fixes two more Chrome zero-days that were under active exploit
    “Expert” hackers used 11 zerodays to infect …
    18/03/2021

Popular Posts

  • 100 million more IoT devices are exposed—and they won’t be the last
    100 million more IoT devices are exposed—and …
    14/04/2021 0
  • Mimecast says SolarWinds hackers breached its network and spied on customers
    Mimecast says SolarWinds hackers breached its network …
    16/03/2021 0
  • Touch of gray: The Air Force can’t retire the Boeing 707
    Touch of gray: The Air Force can’t …
    17/03/2021 0
  • Top 10 Places Creepier Than Stephen King’s …
    17/03/2021 0
  • Top 10 Things You Should Know About …
    17/03/2021 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2021 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh