Security News > 2024 > August > Windows driver zero-day exploited by Lazarus hackers to install rootkit

Windows driver zero-day exploited by Lazarus hackers to install rootkit

2024-08-20 03:32

The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. [...]

News URL

https://www.bleepingcomputer.com/news/microsoft/windows-driver-zero-day-exploited-by-lazarus-hackers-to-install-rootkit/

#hacker #windows #zeroday

Related news

Windows MSHTML zero-day used in malware attacks for over a year (source)
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks (source)
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days (source)
New Windows SmartScreen bypass exploited as zero-day since March (source)
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193) (source)
Hackers use PHP exploit to backdoor Windows systems with new malware (source)
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
South Korean hackers exploited WPS Office zero-day to deploy malware (source)
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.