The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.
Cybersecurity experts from the FBI and CISA have issued a joint cybersecurity advisory warning of APT exploits of Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812.
Microsoft issued a new warning of ongoing exploits against a Netlogon protocol vulnerability dubbed Zerologon (CVE-2020-1472).
APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations
Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.
In a tweet sent out Wednesday night, Microsoft said they have spotted active exploits in wild of a Netlogon vulnerability CVE-2020-1472 dubbed Zerologon.
In the wake of a Microsoft Windows Netlogon vulnerability exploit and patch, Samba also released a security update for the vulnerability dubbed Zerologon.