Sodinokibi ransomware is now using a former Windows zero-day

4 July 2019

A ransomware strain named Sodinokibi (also Sodin or REvil) is using a former Windows zero-day vulnerability to elevate itself to admin access on infected hosts. The vulnerability, a privilege escalation flaw known as CVE-2018-8453, had been patched in the October 2018 Patch Tuesday Microsoft security updates after it had previously been used by a state-sponsored hacking group known as FruityArmor since August 2018.

Read full article on ZDNet

Date:

4 July 2019

Categorie(s):

NEWS

Tag(s):

Microsoft, OS, Windows

Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024
Dropbox Sign customer data accessed in breach2 May 2024
Florida man gets 6 years behind bars for flogging fake Cisco kit to US military2 May 2024
Patch up – 4 critical bugs in ArubaOS lead to remote code execution2 May 2024
Menlo Security inks cybersecurity partnership with Google Cloud2 May 2024