LodaRAT Update: Alive and Well
September 30, 2020
Obstacles that Interfere with Your Wi-Fi Signal
September 30, 2020

Microsoft Netlogon exploitation continues to rise

Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol which — among other things — can be used to update computer passwords by forging an authentication token for specific Netlogon functionality. This flaw allows attackers to impersonate any computer, including the domain controller itself and gain access to domain admin credentials.

Read more

The post Microsoft Netlogon exploitation continues to rise appeared first on Cisco Blogs.