Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability

March 11, 2024 at 12:30AM
Microsoft took six months to patch a rootkit vulnerability in Windows discovered by the North Korean hacking group Lazarus. Avast researchers notified Microsoft of an admin-to-kernel exploit, but Microsoft did not prioritize the matter, waiting until February's Patch Tuesday to fix the issue. Critical vulnerabilities were also found in recent Apple …

Windows Kernel bug fixed last month exploited as zero-day since August

March 2, 2024 at 10:58AM
Microsoft recently patched a high-severity Windows Kernel vulnerability, CVE-2024-21338, which was actively exploited for six months after it was reported. The flaw allowed attackers to gain SYSTEM privileges without user interaction. Avast discovered that North Korean Lazarus hackers used the vulnerability to gain kernel-level access and evade security tools. Windows …

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

February 29, 2024 at 07:09AM
The Lazarus Group exploited a zero-day privilege escalation flaw in the Windows Kernel, gaining kernel-level access and disabling security software. Microsoft patched the vulnerability (CVE-2024-21338) as part of Patch Tuesday updates. The group used an in-the-wild admin-to-kernel exploit, allowing them to run the FudModule rootkit, bypass security checks, and disable …

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

February 29, 2024 at 06:45AM
Cybersecurity firm Avast reported that the North Korean group Lazarus exploited a Windows zero-day vulnerability, CVE-2024-21338, using a rootkit called FudModule for privilege escalation. Microsoft patched the flaw but initially did not list it as a zero-day. The attack aimed at evading detection and included a new variant of the …

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

February 28, 2024 at 12:26PM
The Lazarus Group exploited a zero-day flaw in the Windows AppLocker driver to gain kernel-level access and disable security tools. Avast analysts reported the activity, leading to a fix by Microsoft (CVE-2024-21338). The new FudModule rootkit by Lazarus includes advanced evasion techniques. Avast also discovered a previously undocumented RAT used …