使用Player FM应用程序离线!
The Black Basta ransomware riddle. [Research Saturday]
Manage episode 430932168 series 112238
Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation.
Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
3048集单集
Manage episode 430932168 series 112238
Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation.
Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
3048集单集
Tous les épisodes
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。