Security News > 2024 > August > Windows driver zero-day exploited by Lazarus hackers to install rootkit

Windows driver zero-day exploited by Lazarus hackers to install rootkit

2024-08-20 03:32

The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. [...]

News URL

https://www.bleepingcomputer.com/news/microsoft/windows-driver-zero-day-exploited-by-lazarus-hackers-to-install-rootkit/

#hacker #windows #zeroday

Related news

Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 (source)
New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
EncryptHub linked to MMC zero-day attacks on Windows systems (source)
New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.