Sign In

Communications of the ACM

ACM TechNews

FBI/DHS: Government Systems Face Threat From Zerologon Exploits

View as: Print Mobile App Share:
A digital padlock.

The FBI and the cybersecurity arm of the Department of Homeland Security said they have detected hackers exploiting a critical Windows vulnerability against state and local governments/

Credit: Getty Images

The U.S. Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency have detected attackers exploiting a Windows vulnerability (Zerologon) against state and local governments, in some cases threatening election systems.

Members of unspecific advanced persistent threats are using Zerologon to grant hackers who already have infiltrated susceptible networks access to domain controllers, which allocate new accounts and manage current ones.

To gain initial access, attackers are exploiting flaws in firewalls, virtual private networks, and other products from companies like Juniper, Pulse Secure, Citrix, and Palo Alto Networks.

Patches were issued for all the identified vulnerabilities, but FBI and DHS warned not everyone has installed them.

From Ars Technica
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account