Alias Description | Votes |
---|---|
CVE-2020-1472 is a possible alias for Zerologon. CVE-2020-1472, also known as the "ZeroLogon" vulnerability, is a critical-severity flaw in Microsoft's Netlogon Remote Protocol. This vulnerability, which was patched on August 11, 2020, allows attackers to escalate privileges and gain administrative access to a Windows domain controller without any | 10 |
Alias Description | Association Type | Votes |
---|---|---|
The Cuba Ransomware Malware is associated with Zerologon. The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Ransomhub Threat Actor is associated with Zerologon. RansomHub, a threat actor in the realm of cybersecurity, has emerged as a significant player within the ransomware landscape. The group is known for its malicious activities, including data breaches and extortion attempts. It has been observed that RansomHub affiliates actively participate in campai | Unspecified | 2 |
The Rhysida Threat Actor is associated with Zerologon. Rhysida is a globally active threat actor known for its ransomware operations, which have impacted a wide range of sectors, particularly the government and public sector. Their use of CleanUpLoader makes their operations highly effective and difficult to detect, as it not only facilitates persistenc | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Proxylogon Vulnerability is associated with Zerologon. ProxyLogon is a serious software vulnerability, specifically an exploit chain in Microsoft Exchange Server. The chain includes CVE-2021-26855, a server-side request forgery (SSRF) vulnerability that allows attackers to bypass authentication and impersonate users, along with other vulnerabilities suc | Unspecified | 2 |
The Proxyshell Vulnerability is associated with Zerologon. ProxyShell is a vulnerability that affects Microsoft Exchange email servers, posing a significant risk to organizations worldwide. This flaw in software design or implementation allows attackers to exploit the system and gain unauthorized access. Since early 2021, Iranian government-sponsored APT ac | Unspecified | 2 |
The Printnightmare Vulnerability is associated with Zerologon. PrintNightmare is a severe vulnerability (CVE-2021-34527) affecting the Windows Print Spooler service, allowing an attacker to escalate privileges either locally or remotely by loading a malicious DLL which will be executed as SYSTEM. This flaw in software design or implementation enables any authen | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securelist | a month ago | ||
Trend Micro | 2 months ago | ||
Trend Micro | 3 months ago | ||
ESET | 4 months ago | ||
CISA | 4 months ago | ||
InfoSecurity-magazine | 6 months ago | ||
DARKReading | 7 months ago | ||
Flashpoint | 7 months ago | ||
DARKReading | 7 months ago | ||
CISA | 8 months ago | ||
CERT-EU | 10 months ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago |