13 Oct 2020

Security Firms & Financial Group Team Up to Take Down Trickbot

Several security firms, including ESET, Black Lotus Labs, and Symantec have teamed up with Microsoft and the financial services industry to combat the use of Trickbot through eliminating the ransomware’s C2 infrastructure. The notorious Trickbot ransomware has infected more than a million computing devices to date, according to a statement

Read More
12 Oct 2020

Critical Zerologon Flaw Exploited in TA505 Attacks

Microsoft has reported a new campaign utilizing the critical Zerologon vulnerability previously disclosed to the public. Just days after witnessing the nation-state hacking group Mercury was observed leveraging the flaw, the TA505 Russian speaking threat group known for the Dridex banking Trojan and Locky Ransomware has been using the same

Read More
07 Oct 2020

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors

Microsoft has released a warning concerning the Mercury APT group and their active exploitation of the Zerologon vulnerability in campaigns occurring over the past two weeks. Mercury APT is an Iranian nation-state threat actor leveraging the critical flaw to attack organizations, who have also been referred to as MuddyWater, Static

Read More
01 Oct 2020

Zerologon Attacks Against Microsoft DCs Snowball in a Week

Last week, the first active exploits of the Microsoft Zerologon vulnerability (CVE-2020-1472) were flagged. Now, just over a week later, threat actors are leveraging the bug to attempt to take over Active Directory identity services as security researchers observe a massive spike in the bug’s exploitation attempts. Researchers at Cisco

Read More
21 Sep 2020

Agencies Must Patch Zerologon Bug by Monday says US CISA

Earlier this week, the US Department of Homeland Security issued an emergency directive that calls for all civilian government agencies to patch a Windows vulnerability that has been categorized as high-risk. The bug, CVE-2020-1472, is a new form of a privilege bug that occurs when an attacker uses the Netlogon

Read More
16 Sep 2020

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw

Security researchers and US government authorities have been alerting the public to a critical privilege escalation flaw in Microsoft services, urging admins to address the pressing security issue. A proof-of-concept exploit code has been recently released for a Windows flaw that could allow attackers to obtain administrative privileges within a

Read More
09 Sep 2020

Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday

Microsoft’s September Patch Tuesday saw fixes released for 129 common vulnerabilities and exposures, including 23 critical vulnerabilities. September now marks seven consecutive months in which Microsoft patched over 110 bugs in its monthly rollout, and raises its yearly total to just under 1,000. This month, vulnerabilities in Microsoft Windows, Edge

Read More
07 Sep 2020

Pentagon Awards JEDI Contract To Microsoft—Again—In Blow To Amazon

On Friday, the Department of Defense announced that it has decided to award Microsoft with the contentious $10 billion JEDI contract. This has created more controversy between Microsoft and Amazon, who went to court in a legal fight for the lucrative DoD contract. In October of last year, Microsoft won

Read More
31 Aug 2020

Walmart Says Teaming With Microsoft in Bid for TikTok

On Thursday, US retail giant Walmart released a statement announced that they had teamed with Microsoft to buy TikTok, a popular social media platform currently owned by the Chinese company ByteDance. The app has come under fire over the past several months for ByteDance’s ties to the Chinese government, with

Read More
12 Aug 2020

Microsoft Patches 120 Vulnerabilities, Two Zero-Days

Microsoft’s August Patch Tuesday saw fixes for 120 vulnerabilities, including two zero-days actively being exploited in the wild. The patches cover 13 different Microsft products and services, marking the third-largest Patch Tuesday update in the company’s history. Trend Micro researcher Dustin Childs stated that if Microsoft keeps up the Patch

Read More