top of page
  • Writer's pictureAnup Ghosh

Black Basta Ransomware Infecting Windows Machines Warns CISA

The Download

CISA is warning Federal agencies to immediately patch CVE-2024-26169, a Windows Error Reporting service which was patched on Patch Tuesday. Symantec's research group believes the crime group behind Black Basta ransomware has been actively exploiting CVE-2024-26169 as a zero-day even before Microsoft released the patch in March. CISA took the step of adding CVE-2024-26169 to its Known Exploitable Vulnerability (KEV) list, which mandates Federal agencies must patch this vulnerability. CISA warns that Black Basta has targeted 12 out of 16 critical infrastructure sectors including healthcare and public health.

What You Can Do

This is a core Windows kernel vulnerability that is actively being exploited by notorious ransomware gang. As such, you should be scanning your machines for this vulnerability and patching them. Ransomware infections continue to drive computer incidents because of the amount of revenue associated with companies and organizations that pay ransomware gangs off. Start scanning behind the firewall with ThreatMate.

To Learn More:



bottom of page