Alias Description | Votes |
---|---|
CVE-2020-1472 is a possible alias for Zerologon. CVE-2020-1472, also known as the Zerologon vulnerability, is a critical-severity flaw in Microsoft's Netlogon Remote Protocol. The vulnerability allows attackers to gain administrative access to a Windows domain controller without any authentication, effectively giving them control over a network. T | 9 |
Alias Description | Association Type | Votes |
---|---|---|
The Cuba Ransomware Malware is associated with Zerologon. The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Ransomhub Threat Actor is associated with Zerologon. RansomHub is a threat actor that emerged as a new group in the cybersecurity landscape in February 2024, following the initial takedown of LockBit. Many former LockBit affiliates seemed to have either started working independently using freely available ransomware source code such as Phobos or align | Unspecified | 2 |
The Rhysida Threat Actor is associated with Zerologon. Rhysida, a threat actor active since May 2023, has been responsible for numerous high-profile ransomware attacks. The group is known for its use of various ransomware families, including BlackCat, Hello Kitty, Quantum Locker, Rhysida, Zeppelin, and its own eponymous program, to aid in double extorti | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Proxylogon Vulnerability is associated with Zerologon. ProxyLogon is a significant vulnerability in the design and implementation of software, specifically within Microsoft Exchange Server. CVE-2021-26855, a part of the ProxyLogon exploit chain, is a server-side request forgery (SSRF) vulnerability that allows attackers to bypass authentication mechanis | Unspecified | 2 |
The Proxyshell Vulnerability is associated with Zerologon. ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. It is a software design and implementation flaw that allows attackers to gain unauthorized access to the affected systems. The exploit chain for ProxyShell includes CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. | Unspecified | 2 |
The Printnightmare Vulnerability is associated with Zerologon. PrintNightmare (CVE-2021-34527) is a significant vulnerability in the Windows Print Spooler service that allows an attacker to escalate privileges either locally or remotely by loading a malicious DLL which will be executed as SYSTEM. This flaw, potentially a new zero-day Microsoft vulnerability, en | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Trend Micro | a month ago | ||
ESET | a month ago | ||
CISA | 2 months ago | ||
InfoSecurity-magazine | 3 months ago | ||
DARKReading | 4 months ago | ||
Flashpoint | 5 months ago | ||
DARKReading | 5 months ago | ||
CISA | 5 months ago | ||
CERT-EU | 8 months ago | ||
Securityaffairs | 10 months ago | ||
CERT-EU | 10 months ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago |