Security News Windows CLFS and five exploits used by ransomware operators

[correlate]

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
Content source
https://securelist.com/windows-clfs-exploits-ransomware/111560/
In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft.
In that blog post, we mentioned that the zero-day exploit we discovered was very similar to other Microsoft Windows elevation-of-privilege (EoP) exploits that we have seen in ransomware attacks throughout the year. We found that since June 2022, attackers have used exploits for at least five different Common Log File System (CLFS) driver vulnerabilities. Four of these vulnerabilities used by the attackers (CVE-2022-24521, CVE-2022-37969, CVE-2023-23376, CVE-2023-28252) have been captured in the wild as zero-days.
Click to expand...
securelist.com

Windows CLFS and five exploits used by ransomware operators

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at...
securelist.com securelist.com
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Nevi, Andy Ful and 3 others

Similar threads

silversurfer
    • Like
    • +Reputation
    • Thanks
Malware News Information Stealer Exploits Windows SmartScreen Bypass
Replies
1
Views
1,171
Security News
Dave Russo
Dave Russo
Gandalf_The_Grey
    • Wow
    • +Reputation
Security News Over 90,000 LG Smart TVs may be exposed to remote attacks
Replies
1
Views
1,161
Security News
Practical Response
Practical Response
Gandalf_The_Grey
    • Like
    • +Reputation
Security News December Android updates fix critical zero-click RCE flaw
Replies
0
Views
1,334
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top