This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties.  Members and Law enforcement use only. Contact us for any permissions.  To do otherwise will result in the loss of membership.

Complete Story
 

12/14/2020

CISA Warns of Hackers Exploiting Zerologon Vulnerability

Security Week

Dubbed Zerologon, the security flaw is tracked as CVE-2020-1472 and was patched in August 2020. Earlier this month, CISA issued an Emergency Directive that required all federal agencies to install the patches within three days.

The vulnerability allows an unauthenticated attacker connected to a domain controller using Netlogon to gain domain administrator access. The attacker would need to leverage a specially crafted application running on a device on the network to successfully exploit the bug.

Samba issued patches for the bug too, and last week Microsoft revealed that it was seeing the first attempts to target the Zerologon flaw, and CISA was quick to issue an alert on such attacks as well.

Read more...

Printer-Friendly Version


Resources

Alerts

The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information
Resources

Resources

Your electronic library to help in fighting financial fraud for all of our partners.

more information