Zero-day vulnerability leveraged to deploy Cuba Ransomware

Threat Level
Attack Report

Summary

The threat actors behind the Cuba ransomware have stepped up their game by using a new Remote Access Trojan called ROMCOM and weaponizing a local privilege escalation vulnerability (CVE-2022-24521). A wide range of industries was targeted, including professional and legal services and state and local government.