Microsoft Netlogon exploitation continues to rise

Cisco Talos CVE-2020-1472 Microsoft Netlogon

Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol which — among other things — can be used to update computer passwords by forging an authentication token for specific Netlogon functionality. This flaw allows attackers to…

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Source: Talos Blog feed
Microsoft Netlogon exploitation continues to rise