https://lantern.splunk.com/Security_Use_Cases/Threat_Hunting/Detecting_Zerologon_attacks
Detecting Zerologon attacks - Splunk Lantern
Jan 5, 2026 - Detect activities relating to the Zerologon CVE-2020-11472, with Splunk searches you can use to identify attempts to reset the Domain Controller computer...
https://www.trendmicro.com/en_us/what-is/zerologon.html
What Is Zerologon? | Trend Micro (US)
Zerologon is a vulnerability in the cryptography of Microsoft’s Netlogon process that allows an attack against Microsoft Active Directory domain controllers....
https://threatpost.com/ryuk-ransomware-gang-zerologon-lightning-attack/160286/
Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack | Threatpost
Oct 19, 2020 - Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours.