What the Zerologon vulnerability means for the state of enterprise security

17 September 2020

On Augustâ€™s Patch Tuesday, Microsoft closed several vulnerabilities, among themÂ CVE-2020-1472, known as Zerologon.Â Secura’s security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.Â Â By forging an authentication token for specific Netlogon functionality, he was able to call a function to set the computer password of the Domain Controller to a known value. After that, the attacker can use this new password to take control over the domain controller and steal credentials of a domain admin.

Read full article on Security Magazine

Date:

17 September 2020

Categorie(s):

NEWS

Tag(s):

IT, News

7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike27 April 2024
AI Helps Improve About Managed Detection and Response26 April 2024
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #38126 April 2024
Impact of organizational structure on ransomware outcomes: Where does your org fit in?26 April 2024
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets26 April 2024