Cybercriminals Exploit Windows Zero-Day: Black Basta’s New Weapon Revealed

The Cardinal cybercrime group, an affiliate of Black Basta, exploited a zero-day Windows vulnerability to deploy ransomware. Symantec discovered this elevation of privilege flaw, CVE-2024-26169, which Microsoft patched in March. Despite the fix, Cardinal managed to use the vulnerability before it was patched, targeting organizations worldwide.

3P
Published: June 13, 2024 2:15 pmAdded: June 13, 2024 at 7:27 amAssembled by: The Editor
Pro Dashboard

Hot Take:

It looks like the Cardinal cybercrime group is trying to become the valedictorian of cybervillains by exploiting vulnerabilities faster than Microsoft can patch them. And just like a bad sequel, they’re bringing back Black Basta for another round of ransomware mayhem!

Key Points:

  • Cardinal cybercrime group exploited a Windows zero-day vulnerability to deploy Black Basta ransomware.
  • The flaw, CVE-2024-26169, involved the Windows Error Reporting Service and was patched in mid-March 2024.
  • The attack was unsuccessful, but it highlights the persistent risks of zero-day vulnerabilities.
  • Black Basta ransomware has compromised over 500 organizations globally since its creation in April 2022.
  • Victims include major organizations like Hyundai Europe, Capita, and the American Dental Association.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?