Lazarus APT exploited zero-day in Windows driver to gain kernel privileges | allinfosecnews.com

Feb. 29, 2024, 8:11 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February […]

access admin applocker apt apt group avast breaking news cve cve-2024-21338 driver exploit exploited flaw hacking information security news it information security kernel kernel privileges korea lazarus lazarus apt lazarus apt group malware north north korea pierluigi paganini privileges researchers rootkit systems target vulnerability windows windows driver zero-day zero-day flaw zero-day vulnerability

More from securityaffairs.co / Security Affairs

Ticketmaster confirms data breach impacting 560 million customers 10 hours ago | securityaffairs.co

addresses administrator breach breachforums +22

Critical Apache Log4j2 flaw still threatens global finance 14 hours ago | securityaffairs.co

analyst apache apache log4j2 breaking news +31

Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin 16 hours ago | securityaffairs.co

bitcoin breaking news btc cryptocurrency +13

ShinyHunters is selling data of 30 million Santander customers 1 day, 9 hours ago | securityaffairs.co

actor bank breach breaking news +20

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 1 day, 17 hours ago | securityaffairs.co

72 hours black lotus botnet breaking news +23

LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021 1 day, 19 hours ago | securityaffairs.co

apt apt group asia attacks +19

BBC disclosed a data breach impacting its Pension Scheme members 2 days ago | securityaffairs.co

access bbc breach breaking news +25

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited … 2 days, 10 hours ago | securityaffairs.co

agency breaking news catalog check +31

Experts found a macOS version of the sophisticated LightSpy spyware 2 days, 12 hours ago | securityaffairs.co

breaking news cyber crime cybercrime experts +20

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com