Black Basta ransomware gang linked to Windows zero-day attacks

Published on June 12, 2024

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available. [...]

Continue reading on website
Other news

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

June 12, 2024
Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE."WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis. "Each sample is compiled

Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw

June 12, 2024
Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec.The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEM