What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-29 16:49:00 | Les pirates de Lazarus ont exploité la faille du noyau Windows comme zéro-jour lors d'attaques récentes Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (lien direct) |
Les célèbres acteurs du groupe Lazare ont exploité un défaut d'escalade de privilèges récemment corrigé dans le noyau Windows comme un jour zéro pour obtenir l'accès au niveau du noyau et désactiver les logiciels de sécurité sur les hôtes compromis.
La vulnérabilité en question est & NBSP; CVE-2024-21338 & NBSP; (Score CVSS: 7.8), qui peut permettre à un attaquant d'obtenir des privilèges système.Il a été résolu par Microsoft plus tôt ce mois-ci dans le cadre
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this month as part |
Vulnerability Threat | APT 38 | ★★★ |
|
2023-03-08 16:04:00 | Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity (lien direct) | The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the | Hack Vulnerability Medical | APT 38 | ★★★ |
|
2022-10-03 16:26:00 | Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers (lien direct) | The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver, highlighting new tactics adopted by the state-sponsored adversary. The Bring Your Own Vulnerable Driver (BYOVD) attack, which took place in the autumn of 2021, is another variant of the threat actor's espionage-oriented activity called Operation In(ter) | Vulnerability Threat Medical | APT 38 | |
|
2022-05-20 02:23:24 | Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor (lien direct) | The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart. "The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch," AhnLab Security Emergency Response Center (ASEC) said in a | Vulnerability Medical | APT 38 |
1
We have: 4 articles.
We have: 4 articles.
To see everything:
Our RSS (filtrered)
