CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG | allinfosecnews.com

March 5, 2024, 3:14 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-21338 (CVSS Score 7.8) Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. An attacker can exploit this vulnerability to gain SYSTEM privileges. […]

access access control agency apt breaking news bug catalog cisa control cve cve-2024-21338 cvss cvss score cybersecurity exploited exploited vulnerabilities exposed hacking information security news infrastructure infrastructure security it information security kernel kernel bug known exploited known exploited vulnerabilities known exploited vulnerabilities catalog lazarus lazarus apt malware microsoft microsoft windows pierluigi paganini score security vulnerabilities vulnerability windows windows kernel

More from securityaffairs.co / Security Affairs

Hackers may have accessed thousands of accounts on the California state welfare platform 13 hours ago | securityaffairs.co

accounts benefitscal breach breached +21

Brokewell Android malware supports an extensive set of Device Takeover capabilities 20 hours ago | securityaffairs.co

android android malware breaking news brokewell android malware +18

Experts warn of an ongoing malware campaign targeting WP-Automatic plugin 1 day, 14 hours ago | securityaffairs.co

automatic backdoors breaking news campaign +33

Cryptocurrencies and cybercrime: A critical intermingling 1 day, 16 hours ago | securityaffairs.co

breaking news critical cryptocurrencies cyber crime +14

Kaiser Permanente data breach may have impacted 13.4 million patients 1 day, 17 hours ago | securityaffairs.co

american breach breaking news care +27

Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug 1 day, 19 hours ago | securityaffairs.co

attacks breaking news bug critical +25

Sweden’s liquor supply severely impacted by ransomware attack on logistics company 1 day, 21 hours ago | securityaffairs.co

alcohol attack breaking news critical +17

CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities … 2 days, 8 hours ago | securityaffairs.co

actor agency asa breaking news +28

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog 2 days, 14 hours ago | securityaffairs.co

agency breaking news catalog cisa +29

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA

View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA

View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA

View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote

View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City

View on infosec-jobs.com