Communications of the ACM

Home/News/FBI/DHS: Government Systems Face Threat From Zerologon.../Full Text

ACM TechNews

FBI/DHS: Government Systems Face Threat From Zerologon Exploits

By Ars Technica
October 16, 2020
Comments

View as: Print Mobile App Share:

A digital padlock. — The FBI and the cybersecurity arm of the Department of Homeland Security said they have detected hackers exploiting a critical Windows vulnerability against state and local governments/

Credit: Getty Images

The U.S. Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency have detected attackers exploiting a Windows vulnerability (Zerologon) against state and local governments, in some cases threatening election systems.

Members of unspecific advanced persistent threats are using Zerologon to grant hackers who already have infiltrated susceptible networks access to domain controllers, which allocate new accounts and manage current ones.

To gain initial access, attackers are exploiting flaws in firewalls, virtual private networks, and other products from companies like Juniper, Pulse Secure, Citrix, and Palo Alto Networks.

Patches were issued for all the identified vulnerabilities, but FBI and DHS warned not everyone has installed them.

From Ars Technica
View Full Article

No entries found

FBI/DHS: Government Systems Face Threat From Zerologon Exploits

Robots Are Changing the World of High Jewelry

Dear Diary

Are You Confident in Your Backups?