all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

Add to bookmarks
Feb. 28, 2024, 5:24 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques. [...]

access applocker bring your own vulnerable driver byovd bypass driver exploited flaw hackers kernel kernel privileges lazarus lazarus group microsoft noisy north north korean own privileges security security tools techniques threat threat actors tools turn vulnerable vulnerable driver windows zero-day

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Kaspersky releases free tool that scans Linux for known threats 16 hours ago | www.bleepingcomputer.com
free free tool kaspersky linux +13
Google Chrome change that weakens ad blockers begins June 3rd 17 hours ago | www.bleepingcomputer.com
ad blockers change chrome extensions +6
Live Nation finally confirms massive Ticketmaster data breach 1 day, 10 hours ago | www.bleepingcomputer.com
breach cloud cloud database data +12
Ticketmaster confirms massive breach after stolen data for sale online 1 day, 10 hours ago | www.bleepingcomputer.com
breach cloud cloud database data +13
DMM Bitcoin warns that hackers stole $300 million in Bitcoin 1 day, 10 hours ago | www.bleepingcomputer.com
bitcoin btc cryptocurrency cryptocurrency heist +10
CISA warns of actively exploited Linux privilege elevation flaw 1 day, 12 hours ago | www.bleepingcomputer.com
actively exploited agency amp catalog +16
Snowflake account hacks linked to Santander, Ticketmaster breaches 1 day, 14 hours ago | www.bleepingcomputer.com
account accounts actor breaches +16
Europol identifies 8 cybercriminals tied to malware loader botnets 1 day, 15 hours ago | www.bleepingcomputer.com
botnets cybercriminals droppers eight +13
ShinyHunters claims Santander breach, selling data for 30M customers 1 day, 16 hours ago | www.bleepingcomputer.com
account actor bank breach +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com