Late last week, DHS issued an advisory on vulnerabilities that are being used in tandem with "Zerologon” (CVE-2020-1472, Netlogon vulnerability).
Specifically, they have observed the Fortinet VPN vulnerability CVE-2018-13379 and MobileIron vulnerability CVE-2020-15505. Additionally, they advise patching the following as they are likely (though not yet observed) to be used by hackers in the same way:
- - Citrix NetScaler CVE-2019-19781
- - MobileIron CVE-2020-15505
- - Pulse Secure CVE-2019-11510
- - Palo Alto Networks CVE-2020-2021
- - F5 BIG-IP CVE-2020-5902
Today’s video blog takes a look at the alert as well as the vulnerabilities it describes. The complete DHS alert can be found here: https://us-cert.cisa.gov/ncas/alerts/aa20-283a
Take advantage of the CYR3CON Predictive Threat Assessment and know what vulnerabilities hackers are targeting in your own organization.