all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Windows CLFS and five exploits used by ransomware operators

Add to bookmarks
Dec. 21, 2023, 10:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft.


In that blog post, we mentioned that the zero-day exploit we discovered was very similar to other Microsoft Windows elevation-of-privilege (EoP) exploits that we have seen in ransomware attacks throughout the year. We found that since June 2022, attackers have used exploits for at least five different Common Log File System …

april attacks blog blog post clfs cve cve-2023-28252 eop exploit exploits microsoft microsoft windows operators privilege ransomware ransomware attacks windows zero-day zero-day exploit

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Cyberattack against United Russia claimed by Ukraine an hour ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia an hour ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool an hour ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity 2 hours ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns 2 hours ago | malware.news
agency article best practices cyber +11
US warns of Russian hackers targeting operational technology in water systems 3 hours ago | malware.news
advisory breached hackers official +10
Senators grill UnitedHealth CEO on Change Healthcare cyberattack 3 hours ago | malware.news
article ceo change change healthcare +13
‘Uncharted Territory:’ Companies Devise AI Security Policies 4 hours ago | malware.news
ai security businesses companies don +14
Significant drop recorded in FBI searches of Section 702 database 4 hours ago | malware.news
act agency database fbi +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs