Microsoft patches vulnerability used in Nokoyawa ransomware attacks - Cyber Security News

Read Time:28 Second

Microsoft has released a patch for a Windows zero day vulnerability that has been exploited by cybercriminals in ransomware attacks.

The vulnerability identified as CVE-2023-28252 is a privilege escalation flaw affecting the Windows Common Log File System (CLFS) driver.

CLFS is a general purpose logging service that can be used by dedicated client applications and that multiple clients can share to optimize log access. The vulnerability allows an attacker to elevate privileges to the system in low-complexity attacks without any user interaction.

To read this article in full, please click here

More Stories

Friday Squid Blogging: Cotton-and-Squid-Bone Sponge

News: A sponge made of cotton and squid bone that has absorbed about 99.9% of microplastics in water samples in...

January 10, 2025

Apps That Are Spying on Your Location

404 Media is reporting on all the apps that are spying on your location, based on a hack of the...

January 10, 2025

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

CrowdStrike warned it had observed a phishing campaign impersonating the firm’s recruitment process to lure victims into downloading cryptominer Read...

January 10, 2025

Slovakia Hit by Historic Cyber-Attack on Land Registry

A large-scale cyber-attack has targeted the information system of Slovakia’s land registry, impacting the management of land and property records...

January 10, 2025

Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you

A Canadian man lost a $100,000 cryptocurrency fortune - all because he did a careless Google search. Read more in...

January 10, 2025

Medusind Breach Exposes Sensitive Patient Data

The US medical billing firm is notifying over 360,000 customers that their personal, financial and medical data may have been...

January 10, 2025