QakBot attacks with Windows zero-day (CVE-2024-30051)


In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.

While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

    September 13, 2017

    The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months earlier of the security incident, Equifax has confirmed. Credit rating agency Equifax is yet another example of the companies that became victims of massive cyber attacks due ...

  • Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware

    September 13, 2017

    Windows 0-Day Flaw Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products. The latest security update addresses ...

  • BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking

    September 12, 2017

    If you are using a Bluetooth enabled device, be it a smartphone, laptop, smart TV or any other IoT device, you are at risk of malware attacks that can carry out remotely to take over your device even without requiring any interaction from your side. Security researchers have just discovered total 8 zero-day vulnerabilities in Bluetooth ...

  • D-Link router riddled with 0-day flaws

    September 12, 2017

    A security researcher has shamed D‑Link by publicly disclosing 10 serious, as-yet unpatched vulnerabilities in a line of consumer-grade routers without notifying the vendor first. Security researcher Pierre Kim went public on a series of flaws in D‑Link DIR 850L wireless AC1200 dual-band gigabit cloud routers without disclosing the issue to D‑Link beforehand because of a ...

  • Android Users Vulnerable to ‘High-Severity’ Overlay Attacks

    September 9, 2017

    Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use the Android’s toast notification, a feature that provides simple feedback about an operation in a small pop up, in an attack scenario to obtain admin rights on targeted phones ...

  • Equifax hack: Britons among 143 million people to have their details compromised

    September 8, 2017

    Credit agency Equifax has admitted that data from 143 million customers may have been compromised in a security breach earlier this year. US, UK and Canadian residents are among those to have their details accessed through a website application vulnerability. The attack was discovered to have run from mid-May until 29 July, but the US company has ...