Threat actors, TA505 and MERCURY, exploiting ZeroLogon to attack and gain account control privileges

12 October 2020

Microsoft recently warnedÂ that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.Â Threat actorÂ TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability.Â The group is known for frequently changing malware and driving global trends in criminal malware distribution, according to MITRE. In a tweet, Microsoft Security Intelligence said, “A new campaign shrewdly poses as software updates that connect to known CHIMBORAZO (TA505) C2 infrastructure.

Read full article on Security Magazine

Date:

12 October 2020

Categorie(s):

NEWS

Tag(s):

IT, News, TA505, Threats

20 Best Linux Password Managers in 202428 April 2024
Reliable Web App Pattern: Now Optimizes Azure Migration with Enhanced Infrastructure and Security28 April 2024
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks28 April 2024
Good Security Is About Iteration, Not Perfection.28 April 2024
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 202428 April 2024