Black Basta Ransomware: A New Social Engineering Threat
The Black Basta ransomware group has recently launched an aggressive social engineering campaign targeting businesses. Originating from the remnants of the disbanded Conti group, Black…
On February 2024, Microsoft’s Patch Tuesday saw the release of updates addressing 73 vulnerabilities, including two critical zero-day flaws that were actively exploited. Among these vulnerabilities, five were rated as critical, 66 as important, and two as moderate, spanning a wide range of Microsoft products from Windows and Azure to Microsoft Office and Exchange Server.
The critical issues included a notable elevation of privilege vulnerability in Microsoft Exchange Server and remote code execution vulnerabilities in various components. Two zero-day vulnerabilities, CVE-2024-21351 and CVE-2024-21412, were particularly concerning due to their active exploitation, involving a security feature bypass in Windows SmartScreen and Internet Shortcut Files, respectively.
These updates underscore the importance of timely patch management as a cornerstone of cyber security hygiene to mitigate potential attacks and safeguard systems against exploitation.
For more detailed insights and technical analysis, you can read more at the following sites: The Hacker News, BleepingComputer, and Tenable’s blog.