- Aug 17, 2017
Cyber criminals are exploiting an old vulnerability in Intel drivers in an attempt to gain access to networks in a way that allows them to bypass cybersecurity protections. The attacks have been detailed by cybersecurity researchers at Crowdstrike, who suggest the campaign targeting Windows systems is the work of a cyber-criminal group they track as Scattered Spider -- also known as Roasted 0ktapus and UNC3944. Scattered Spider is a financially motivated cybercrime operation, which researchers say takes particular interest in telecoms and the business outsourcing sectors, with the objective of gaining access to mobile carrier networks. It's thought that the attackers initially gain access to networks by using SMS phishing attacks to steal usernames and passwords. In some cases, the attackers have used this access to gain access to additional credentials, while the group is also thought to engage in SIM-swapping attacks.
CVE-2015-2291 is a years-old security vulnerability - but cyber criminals are still able to take advantage of unpatched systems to compromise networks.