June 14, 2024 at 12:42PM CISA added a high-severity Windows vulnerability (CVE-2024-26169) to its list of actively exploited bugs. It allows attackers to gain SYSTEM permissions without user interaction. Microsoft patched it on March 12, 2024, but the Black Basta ransomware gang likely exploited it as a zero-day. FCEB agencies have three weeks to secure … Read more
June 12, 2024 at 12:45PM Symantec reported that a ransomware group possibly exploited a patched Windows privilege escalation vulnerability before Microsoft’s fix. The flaw, tracked as CVE-2024-26169, could allow attackers to obtain System privileges. Symantec found evidence suggesting the Black Basta ransomware group exploited this vulnerability as a zero-day, hitting over 500 organizations globally. Summary … Read more
June 12, 2024 at 08:10AM The Black Basta ransomware operation exploited a Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day before a fix was available. Microsoft patched it on March 12, 2024. Symantec’s report links the exploit to Black Basta, with indications of its usage as a zero-day. This highlights the need to apply the … Read more
June 12, 2024 at 07:39AM Symantec reports that threat actors using Black Basta ransomware exploited a privilege escalation flaw in Microsoft’s Windows Error Reporting Service as a zero-day, patched in March 2024. Symantec’s observation points to attempts to exploit the vulnerability in an unsuccessful ransomware attack. It also highlights the emergence of a new ransomware … Read more