It was revealed this week that Microsoft patched a major vulnerability last month. The problem…
“CISA is aware of a number of cases, when such activities have led to unauthorized access to electoral support systems. However, to date, CISA has no evidence that the integrity of this data has been compromised”, — says the warning.
According to law enforcement officials, in the course of such attacks, cybercriminals exploit at least two vulnerabilities: CVE-2018-13379 and CVE-2020-1472.
The first issue (CVE-2018-13379) was discovered as part of the Fortinet FortiOS Secure Socket Layer (SSL) VPN, a local VPN commonly used as a secure gateway to access corporate networks from remote locations.
The second issue (CVE-2018-13379) allows attackers to upload malicious files to unsecured systems and take over Fortinet VPN servers.
As for the Zerologon vulnerability, let me remind you that it relies on a weak cryptographic algorithm used in the Netlogon authentication process. The problem was named Zerologon, since the attack is carried out by adding zeros to certain Netlogon authentication parameters.
As a result, the bug allows an attacker to manipulate authentication, namely:
The CISA and the FBI explain that hackers combine these vulnerabilities, starting by taking over Fortinet servers and then moving on to taking over the internal network with Zerologon.
Experts also warned that in addition to bugs in Fortinet products, hackers can use any other vulnerabilities in VPN solutions and gateways, because there have been a lot of such bugs recently.
Suffice it to recall the following problems:
Let me remind you that US autorities are afraid of attacks by foreign hackers and ransomware attacks during presidential election.
Chernars.com is a domain that tries to force you into subscribing to its browser notifications…
Eclipse-adblocker.pro is a site that tries to trick you into clik to its browser notifications…
Initiateadvancedcompletelythe-file.top is a site that tries to force you into subscribing to its browser notifications…
Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…
Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…
Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…