"Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day"

According to Symantec, the "Black Basta" ransomware group may have exploited a recently patched Windows privilege escalation vulnerability. The Windows error reporting service privilege escalation vulnerability allows an attacker to gain system privileges. Symantec found evidence that the Black Basta group may have exploited this vulnerability as a zero-day. The company discovered a tool that exploits the flaw to start a shell with administrative privileges. This article continues to discuss the potential exploitation of a Windows privilege escalation flaw by the Black Basta ransomware gang.

SecurityWeek reports "Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day"

Submitted by grigby1