Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Black Basta Strikes Again: Inside the Exploitation of Windows Flaw CVE-2024-26169
Black Basta ransomware exploits CVE-2024-26169, a Windows vulnerability, elevating privileges to SYSTEM. Microsoft patched it in March, but Black Basta had a working exploit for months. Symantec’s report links these attacks to the Cardinal cybercrime group. Stay secure by updating Windows and following CISA guidelines.
Hot Take:
From Black Basta to Blasted Basta! This ransomware gang is the unwanted guest at the cybersecurity party, crashing through Windows vulnerabilities faster than Microsoft can RSVP with a patch.
Key Points:
- Black Basta exploited a zero-day vulnerability in Windows Error Reporting Service (CVE-2024-26169).
- Microsoft patched the flaw on March 12, 2024, but attackers may have used it earlier.
- Symantec observed the attack, linking it to the Cardinal cybercrime group.
- The exploit tool used by Black Basta was found with timestamps predating the Microsoft patch.
- Black Basta’s history includes ties to the Conti syndicate and significant ransom earnings.
Already a member? Log in here