Security News > 2024 > June > Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
2024-06-12 11:11
Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEM
News URL
https://thehackernews.com/2024/06/black-basta-ransomware-may-have.html
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Use Windows event logs for ransomware investigations, JPCERT/CC advises (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)
- New Windows Themes zero-day gets free, unofficial patches (source)
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2024-26169 | Unspecified vulnerability in Microsoft products Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |