Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hiveproHive ProHIVEPRO:AB4C2A84604B0434A37D2695927D9A64
HistoryAug 11, 2022 - 12:34 p.m.

Zero-day vulnerability leveraged to deploy Cuba Ransomware

2022-08-1112:34:37
Hive Pro
www.hivepro.com
67

0.0004 Low

EPSS

Percentile

13.3%

JSON

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The threat actors behind the Cuba ransomware have stepped up their game by using a new Remote Access Trojan called ROMCOM and weaponizing a local privilege escalation vulnerability(CVE-2022-24521). A wide range of industries was targeted, including professional and legal services and state and local government.

Related

attackerkb 1
checkpoint_advisories 1
cisa_kev 1
prion 1
cvelist 1
thn 8
mssecure 1
nvd 1
mscve 1
securelist 9
cnvd 1
mmpc 1
cve 1
ics 1
hivepro 2
krebs 2
trellix 2
malwarebytes 1
qualysblog 1
threatpost 1
avleonov 1
mskb 15
nessus 11
openvas 7
kaspersky 2
rapid7blog 1
attackerkb
attackerkb
CVE-2022-24521
2022-04-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-24521)
2022-04-12 00:00:00
cisa_kev
cisa_kev
Microsoft Windows CLFS Driver Privilege Escalation Vulnerability
2022-04-13 00:00:00
prion
prion
Privilege escalation
2022-04-15 19:15:00
cvelist
cvelist
CVE-2022-24521 Windows Common Log File System Driver Elevation of Privilege Vulnerability
2022-04-15 19:03:42
thn
thn
Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector
2022-10-26 08:13:00
Hackers Behind Cuba Ransomware Attacks Using New RAT Malware
2022-08-11 10:21:00
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
2022-12-02 06:04:00
mssecure
mssecure
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
2022-10-25 16:00:00
nvd
nvd
CVE-2022-24521
2022-04-15 19:15:11
mscve
mscve
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2022-04-12 08:00:00
securelist
securelist
Ransomware updates & 1-day exploits
2022-08-24 10:00:13
Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)
2023-12-21 10:00:01
Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)
2023-12-21 10:00:56
cnvd
cnvd
Microsoft Windows Common Log File System Driverζƒι™ζε‡ζΌζ΄ž
2022-04-15 00:00:00
mmpc
mmpc
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
2022-10-25 16:00:00
cve
cve
CVE-2022-24521
2022-04-15 19:15:11
ics
ics
#StopRansomware: Cuba Ransomware
2023-01-05 12:00:00
hivepro
hivepro
Microsoft Patch Tuesday April 2022 addressed two zero-day vulnerabilities
2022-04-14 05:08:02
Weekly Threat Digest: 11 – 17 April 2022
2022-04-21 04:59:07
krebs
krebs
Microsoft Patch Tuesday, April 2022 Edition
2022-04-13 15:01:24
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
2022-09-14 00:23:45
trellix
trellix
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
malwarebytes
malwarebytes
April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities
2022-04-13 13:57:39
qualysblog
qualysblog
April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities with 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities with 51 Critical.
2022-04-12 20:07:30
threatpost
threatpost
Microsoft Zero-Days, Wormable Bugs Spark Concern
2022-04-12 20:00:54
avleonov
avleonov
Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics
2022-04-23 09:22:32
mskb
mskb
April 12, 2022β€”KB5012658 (Monthly Rollup)
2022-04-12 08:00:00
April 12, 2022β€”KB5012649 (Security-only update)
2022-04-12 08:00:00
April 12, 2022β€”KB5012632 (Security-only update)
2022-04-12 08:00:00
nessus
nessus
KB5012632: Windows Server 2008 Security Update (April 2022)
2022-04-12 00:00:00
KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)
2022-04-12 00:00:00
KB5012649: Windows 7 and Windows Server 2008 R2 Security Update (April 2022)
2022-04-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5012626)
2022-04-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012653)
2022-04-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012591)
2022-04-13 00:00:00
kaspersky
kaspersky
KLA12509 Multiple vulnerabilities in Microsoft Products (ESU)
2022-04-12 00:00:00
KLA12502 Multiple vulnerabilities in Microsoft Windows
2022-04-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2022
2022-04-12 18:48:11

0.0004 Low

EPSS

Percentile

13.3%

JSON
Related for HIVEPRO:AB4C2A84604B0434A37D2695927D9A64
attackerkb1checkpoint_advisories1cisa_kev1prion1cvelist1thn8mssecure1nvd1mscve1securelist9cnvd1mmpc1cve1ics1hivepro2krebs2trellix2malwarebytes1qualysblog1threatpost1avleonov1mskb15nessus11openvas7kaspersky2rapid7blog1