Iranian hackers targeting Zerologon flaw, says Microsoft

State-sponsored hackers from Iran are currently exploiting the Zerologon vulnerability in the wild according to new research from Microsoft’s Threat Intelligence Center (MSTIC).

Zerologon affects systems running Windows Server 2008 R2 and later and the vulnerability has even been given a maximum severity rating of 10/10 by the Common Vulnerability Scoring System (CVSS). Successful attacks exploiting the vulnerability can allow attackers to take over servers known as domain controllers (DC) which serve as the centerpieces of most enterprise networks.

Source link