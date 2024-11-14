Vulnerability Management, Threat Intelligence

Newly patched Windows zero-day leveraged to attack Ukraine

BleepingComputer reports that Ukrainian organizations have been subjected to suspected Russian cyberattacks involving the newly fixed Windows NTLM Hash Disclosure spoofing flaw, tracked as CVE-2024-43451, since June.

Such intrusions, which Ukraine's Computer Emergency Response Team associated with the Russian threat operation UAC-0194, commenced with the delivery of phishing emails with a URL file that, when interacted with, exploits the vulnerability to facilitate installation of additional payloads, including the open-source trojan SparkRAT, an analysis from ClearSky researchers showed. Additional findings revealed the exploitation of the Server Message Block protocol to enable attempted NTLM hash exfiltration. Ongoing attacks leveraging the bug, which Microsoft addressed as part of this month's Patch Tuesday, have prompted its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate impacted instances, which include all supported Windows iterations, by Dec. 3.
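
A triage heuristic for the delivery step described above, added here as an example and not taken from ClearSky, CERT-UA or Microsoft: it parses Internet Shortcut (.url) content and flags location fields that reference a remote host over UNC, file:// or smb://, the path over which an NTLM authentication attempt can leave the network. The key list, function names and sample files are constructed assumptions, and this is not a signature for CVE-2024-43451 itself.

```python
import configparser
import re
from urllib.parse import urlparse

# Assumed set of [InternetShortcut] keys that can carry a location.
LOCATION_KEYS = ("url", "iconfile", "workingdirectory")
UNC_RE = re.compile(r"^(?:\\\\|//)(?P<host>[^\\/]+)(?:[\\/]|$)")
LOCAL_HOSTS = {"", ".", "localhost", "127.0.0.1"}

def remote_host(value):
    """Return the host a value reaches over UNC, file:// or smb://, else None."""
    value = value.strip().strip('"')
    match = UNC_RE.match(value)
    if match:
        host = match.group("host")
    else:
        parsed = urlparse(value)
        if parsed.scheme.lower() not in ("file", "smb"):
            return None
        host = parsed.hostname or ""
    return None if host.lower() in LOCAL_HOSTS else host

def triage_shortcut(text):
    """Return [(key, host)] for remote SMB/UNC references in .url content."""
    parser = configparser.RawConfigParser(strict=False, delimiters=("=",))
    parser.read_string(text.lstrip("\ufeff"))  # tolerate a leading BOM
    findings = []
    for section in parser.sections():
        if section.lower() != "internetshortcut":
            continue
        for key, value in parser.items(section):  # keys arrive lower-cased
            host = remote_host(value) if key in LOCATION_KEYS else None
            if host:
                findings.append((key, host))
    return findings

# Constructed samples using documentation-reserved addresses and names.
SAMPLE_SUSPICIOUS = (
    "[InternetShortcut]\n"
    "URL=file://203.0.113.10/share/invoice.pdf\n"
    "IconFile=\\\\files.example.invalid\\icons\\pdf.ico\n"
    "IconIndex=0\n"
)
SAMPLE_BENIGN = (
    "[InternetShortcut]\n"
    "URL=https://www.example.org/\n"
    "IconFile=C:\\Windows\\System32\\shell32.dll\n"
)

if __name__ == "__main__":
    for name, sample in (("suspicious", SAMPLE_SUSPICIOUS), ("benign", SAMPLE_BENIGN)):
        print(name, triage_shortcut(sample))
```

A hit is a reason to quarantine the attachment for review, and pairs with blocking outbound SMB at the network edge so that a missed file cannot complete the authentication attempt.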
