Sep 14, 2020 1 min, 34 secs

Researchers have developed and published a proof-of-concept exploit for a recently patched Windows vulnerability that can allow access to an organization’s crown jewels—the Active Directory domain controllers that act as an all-powerful gatekeeper for all machines connected to a network.

Enter Zerologon, an exploit developed by researchers from security firm Secura.

“This attack has a huge impact,” researchers with Secura wrote in a white paper published on Friday.

“It basically allows any attacker on the local network (such as a malicious insider or someone who simply plugged in a device to an on-premise network port) to completely compromise the Windows domain.

The Secura researchers, who discovered the vulnerability and reported it to Microsoft, said they developed an exploit that works reliably, but given the risk, they aren’t releasing it until they’re confident Microsoft’s patch has been widely installed on vulnerable servers.

The researchers, however, warned that it’s not hard to use Microsoft’s patch to work backwards and develop an exploit.

The release and description of exploit code quickly caught the attention of the US Cybersecurity and Infrastructure Security Agency, which works to improve cybersecurity across all levels of government.

Zerologon works by sending a string of zeros in a series of messages that use the Netlogon protocol, which Windows servers rely on for a variety of tasks, including allowing end users to log in to a network.

People with no authentication can use the exploit to gain domain administrative credentials, as long as the attackers have the ability to establish TCP connections with a vulnerable domain controller.

The vulnerability stems from the Windows implementation of AES-CFB8, or the use of the AES cryptography protocol with cipher feedback to encrypt and validate authentication messages as they traverse the internal network.

The Secura writeup gives a deep dive on the cause of the vulnerability and the five-step approach to exploiting it.


1. 'Binded by blood,' split over election: Asian American family embodies generational shift in politics
Oct 27, 2020 # breaking 2 mins, 45 secs
2. Early voting surge points to huge turnout in US election
Oct 27, 2020 # breaking 5 secs
3. Drop in flu deaths may indicate that most at risk died from COVID-19 - New York Post
Oct 24, 2020 # health 46 secs
4. Exclusive: 'Zack Snyder's Justice League' Reshoots Add Joe Manganiello's Deathstroke - Collider.com
Oct 23, 2020 # entertainment 36 secs
5. Famous equation to determine whether aliens exist now used for spread of COVID-19 - Fox News
Oct 28, 2020 # health 59 secs
6. Nuclear engine designed for NASA could transport humans to Mars in just three months - Daily Mail
Oct 26, 2020 # science 1 min, 20 secs
7. Strategic vision for improving human health at The Forefront of Genomics - Nature.com
Oct 28, 2020 # science 21 mins, 9 secs
8. Memory failure predicted by attention lapsing and media multitasking - Nature.com
Oct 28, 2020 # science 5 mins, 10 secs
9. Former Miss America Leanza Cornett Dead at 49 - E! NEWS
Oct 29, 2020 # entertainment 41 secs
10. Kanye West Explains Why The Yeezy Foam Runner Is The Future Of Sneakers - HotNewHipHop
Oct 24, 2020 # entertainment 38 secs
11. Superbug may be spreading in hospitals overrun with COVID-19 - Live Science
Oct 24, 2020 # health 1 min, 24 secs
12. Severe Covid-19 Cases Leave Lasting Effects, Including on Mental State - The Wall Street Journal
Oct 28, 2020 # health 16 secs
13. Evidence Of Resident Evil 3: Cloud Version For Nintendo Switch Seemingly Uncovered - Nintendo Life
Oct 29, 2020 # technology 5 mins, 23 secs
14. Pence hits Biden for 'undermining' law enforcement, tells Levin 'all my heroes wear uniforms' - Fox News
Oct 26, 2020 # politics 48 secs
15. COVID-19 fatigue could mar the holidays, but staying vigilant could make for a better 2021 - Chicago Tribune
Oct 23, 2020 # health 1 min, 49 secs
16. Hunter Biden: Here's what he has said about his Burisma role in Ukraine - Fox News
Oct 22, 2020 # politics 59 secs

SUBSCRIBE

Get monthly updates and free resources.

CONNECT WITH US

© Copyright 2020 365NEWSX - All RIGHTS RESERVED