Przejdź do trybu offline z Player FM !
The Black Basta ransomware riddle. [Research Saturday]
Manage episode 430932168 series 112238
Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation.
Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
3101 odcinków
Manage episode 430932168 series 112238
Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation.
Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
3101 odcinków
Kaikki jaksot
×Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.