Some of the attacks launched in March by a financially-motivated threat actor against organizations in North America involved a zero-day privilege escalation vulnerability affecting Windows.
According to FireEye, this sophisticated cybercrime group targeted more than 100 companies — mainly in the retail, hospitality and restaurant sectors.