The Black Basta ransomware riddle. [Research Saturday]
CyberWire Daily27 Jul 2024

The Black Basta ransomware riddle. [Research Saturday]

Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation. Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch. The research can be found here: Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(3681)

CyberWire Daily at 10: The vulnerabilities, zero‑days, and hardware flaws over the last decade. [Special Edition]

CyberWire Daily at 10: The vulnerabilities, zero‑days, and hardware flaws over the last decade. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss 10 years of vulnerabilities, zero‑days, and hardware flaws. Together they ...

3 Jul 35min

The people's AI?

The people's AI?

OpenAI considers an equity plan to share AI wealth with the public. Cisco confirms active exploitation of its unified CM platform. Researchers discover autonomous ransomware. The Vect ransomware opera...

2 Jul 27min

The AI lock comes off.

The AI lock comes off.

The US restores exports of Anthropic’s most advanced AI models. Adobe and Citrix rush out critical patches. RustDuck emerges as a fast-evolving DDoS threat. The Gentlemen raise the stakes with a new E...

1 Jul 30min

The court draws a privacy line.

The court draws a privacy line.

The Supreme Court limits geofence warrants. DHS moves to expand CISA. The State Department offers $10 million for Russian hackers. A legal theory could reshape EU-U.S. data sharing. Plus, cyberattacks...

30 Jun 24min

AI behind the velvet rope.

AI behind the velvet rope.

The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. A...

29 Jun 28min

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping ...

28 Jun 33min

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States. In this w...

28 Jun 27min

More bark than byte. [Research Saturday]

More bark than byte. [Research Saturday]

This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" R...

27 Jun 24min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
fotballpodden-2
forklart
stopp-verden
popradet
det-store-bildet
nokon-ma-ga
rss-gukild-johaug
lydartikler-fra-aftenposten
hanna-de-heldige
rss-ness
rss-espen-lee-usensurert
rss-penger-polser-og-politikk
aftenbla-bla
dine-penger-pengeradet
ukrainapodden
ta-dokumentar
frokostshowet-pa-p5