Security News > 2024 > October > OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
2024-10-13 09:40
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities
News URL
https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- New Windows Driver Signature bypass allows kernel rootkit installs (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)