Security News Windows CLFS and five exploits used by ransomware operators

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
825
Content source
https://securelist.com/windows-clfs-exploits-ransomware/111560/
In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft.
In that blog post, we mentioned that the zero-day exploit we discovered was very similar to other Microsoft Windows elevation-of-privilege (EoP) exploits that we have seen in ransomware attacks throughout the year. We found that since June 2022, attackers have used exploits for at least five different Common Log File System (CLFS) driver vulnerabilities. Four of these vulnerabilities used by the attackers (CVE-2022-24521, CVE-2022-37969, CVE-2023-23376, CVE-2023-28252) have been captured in the wild as zero-days.
Click to expand...
securelist.com

Windows CLFS and five exploits used by ransomware operators

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at...
securelist.com securelist.com
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Nevi, Andy Ful and 3 others

Similar threads

Gandalf_The_Grey
    • Like
Security News New Windows Themes zero-day gets free, unofficial patches
Replies
0
Views
794
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • Thanks
Security News South Korean hackers exploited WPS Office zero-day to deploy malware
Replies
4
Views
2,379
Security News
cartaphilus
cartaphilus
lokamoka820
    • Like
    • +Reputation
Security News Google Patches Another Zero-Day Vulnerability in Chrome
Replies
6
Views
1,876
Security News
lokamoka820
lokamoka820

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top