Microsoft issued yet another warning that threat actors are continuing to actively exploit systems unpatched against the ZeroLogon privilege escalation vulnerability in the Netlogon Remote Protocol (MS-NRPC). On Windows Server devices where the vulnerability was not patched, attackers can spoof a domain controller account to steal domain credentials and take over the entire domain following successful exploitation.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
