Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

/in

A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea.
The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock.
“An attacker who successfully exploited this

The Hacker News – ​Read More

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime GroupResearchers Uncover New Infrastructure Tied to FIN7 Cybercrime GroupUpdate: Windows Zero-Day Flaw was Exploited by North Korea-linked Lazarus A...