OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
13 October 2024
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region.
"The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities