Microsoft says it detected active attacks leveraging Zerologon vulnerability


Microsoft sign at the entrance of their corporate headquarters in Redmond

Hackers are actively exploiting the Zerologon vulnerability in real-world attacks, Microsoft’s security intelligence team said this morning.

“Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. We have observed attacks where public exploits have been incorporated into attacker playbooks,” the company wrote in a series of tweets.

Read more…