Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The threat actors behind the Cuba ransomware have stepped up their game by using a new Remote Access Trojan called ROMCOM and weaponizing a local privilege escalation vulnerability(CVE-2022-24521). A wide range of industries was targeted, including professional and legal services and state and local government.