Zerologon Vulnerability Used in APT Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security


Zerologon Vulnerability Used in APT Attacks


MERCURY, the Iranian advanced persistent threat group, is using Zerologon in a new series of attacks detected by Microsoft.



Zerologon, a vulnerability
Dark Reading reported
on in September, is back, this time in the hands of an Iranian advanced persistent threat group known as MERCURY. In a tweet, Microsoft Security Intelligence said that it has observed MERCURY using
CVE-2020-1472
(Zerologon) in active campaigns during the most recent two weeks.
MERCURY — which is also known as MuddyWater, Static Kitten, and Seedworm — has typically targeted government organizations, especially in the Middle East. Its use of ZeroLogon is seen as a critical risk, especially given that four published proof-of-concept exploits in September led the Secretary of Homeland Security to issue a
rare emergency directive
for immediate remediation.
The new information on MERCURYs Zerologon use has spurred Microsoft to reiterate the importance of immediately patching Windows to close the vulnerability.
For more, read
here
.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Zerologon Vulnerability Used in APT Attacks