Latest OilRig attack chain
https://www.bleepingcomputer.com/news/security/oilrig-hackers-now-exploit-windows-flaw-to-elevate-privileges/
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region.
In these attacks, spotted by Trend Micro researchers, OilRig deployed a novel backdoor, targeting Microsoft Exchange servers to steal credentials, and also exploited the Windows CVE-2024-30088 flaw to elevate their privileges on compromised devices.