Zero-day vulnerability leveraged to deploy Cuba Ransomware
Zero-day vulnerability leveraged to deploy Cuba Ransomware
Threat Level
Attack Report
For a detailed advisory, download the pdf file here
Summary
The threat actors behind the Cuba ransomware have stepped up their game by using a new Remote Access Trojan called ROMCOM and weaponizing a local privilege escalation vulnerability(CVE-2022-24521). A wide range of industries was targeted, including professional and legal services and state and local government.