Risk Events
The following list highlights the critical vulnerabilities that were found in the first half of 2024. Notorious groups continue to develop their techniques for dropping ransomware, and other notable vulnerabilities could be used to target highly popular technology like iPhones and Android devices.
CVE-2024-30051
This vulnerability has been observed to be used to deliver the previously notorious banking Trojan and now malware delivery service Qakbot, which throughout the years priori its takedown in 2023 served as an initial infection vector for various ransomware attacks.
CVE-2024-26169
It is believed that cybercriminals linked to the BlackBasta ransomware group have exploited this vulnerability. Investigations revealed that an exploit tool for this CVE was deployed in a ransomware attack attempt, following an initial infection by the DarkGate loader which BlackBasta has been observed to use since the QakBot takedown.
CVE-2023-30040
This vulnerability can be abused by first convincing a user into downloading a malicious file sent via email or instant messenger. When the malicious file is run, cybercriminals can exploit the vulnerability to bypass OLE mitigations in…
