ZeroLogon, a Windows vulnerability rated 10/10 by the Common Vulnerability Scoring System (CVSS) allows attackers to impersonate the domain controller, providing them with quick access to the entire network. Used in a variety of attacks, this vulnerability allows attackers to spread their malware or move laterally in a matter of minutes. Learn to detect and mitigate the use of ZeroLogon while investigating a PCAP file from an exploited machine.
Learning Objectives
Learn to detect and mitigate the use of Zerologon by attackers.