all InfoSec news
Windows CLFS and five exploits used by ransomware operators
Malware Analysis, News and Indicators - Latest topics malware.news
In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft.
In that blog post, we mentioned that the zero-day exploit we discovered was very similar to other Microsoft Windows elevation-of-privilege (EoP) exploits that we have seen in ransomware attacks throughout the year. We found that since June 2022, attackers have used exploits for at least five different Common Log File System …
april attacks blog blog post clfs cve cve-2023-28252 eop exploit exploits microsoft microsoft windows operators privilege ransomware ransomware attacks windows zero-day zero-day exploit