Microsoft Zero-Day Used by Lazarus in Rootkit Attack

North Korean state actors Lazarus Group used a Windows AppLocker zero-day, along with a new and improved rootkit, in a recent cyberattack, researchers report.

Follow Dark Reading:

March 04, 2024

LATEST SECURITY NEWS & COMMENTARY Microsoft Zero-Day Used by Lazarus in Rootkit Attack North Korean state actors Lazarus Group used a Windows AppLocker zero-day, along with a new and improved rootkit, in a recent cyberattack, researchers report. CISO Corner: Operationalizing NIST CSF 2.0; AI Models Run Amok Dark Reading's roundup of strategic cyber-operations insights for chief information security officers and security leaders. Also this week: SEC enforcement actions, biometrics regulation, and painful encryption changes in the pike. Millions of Malicious Repositories Flood GitHub GitHub and cyberattackers are waging a quiet, automated war over malicious repos. NIST Cybersecurity Framework 2.0: 4 Steps to Get Started The National Institute of Standards and Technology (NIST) has revised the book on creating a comprehensive cybersecurity program that aims to help organizations of every size be more secure. Here's where to start putting the changes into action. Taiwan's Biggest Telco Breached by Suspected Chinese Hackers Stolen data from Chunghwa Telecom — including government-related details — are up for sale on the Dark Web, the Taiwanese defense ministry confirms. CryptoChameleon Attackers Target Apple, Okta Users With Tech Support Gambit A sophisticated threat actor using an MO similar to Scattered Spider is camouflaging itself with convincing impersonation techniques in targeted attacks. Tips on Managing Diverse Security Teams The better a security team works together, the bigger the direct impact on how well it can protect the organization. Biometrics Regulation Heats Up, Portending Compliance Headaches A growing thicket of privacy laws regulating biometrics is aimed at protecting consumers amid increasing cloud breaches and AI-created deepfakes. But for businesses that handle biometric data, staying compliant is easier said than done. MORE NEWS / MORE COMMENTARY HOT TOPICS Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models The finding underscores the growing risk of weaponizing publicly available AI models and the need for better security to combat the looming threat. Echoes of SolarWinds in New 'Silver SAML' Attack Technique A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services. MTTR: The Most Important Security Metric Measuring and tracking your mean time to remediate shows whether vulnerability management is reducing risk and closing opportunities for adversaries. MORE PRODUCTS & RELEASES Entro Extends Machine Secrets and Identities Protection With Machine Identity Lifecycle Management Cybersecurity Startup Morphisec Appoints Ron Reinfeld As CEO Troutman Pepper Forms Incidents and Investigations Team Tenable Introduces Visibility Across IT, OT, and IoT Domains MORE PRODUCTS & RELEASES EDITORS' CHOICE MITRE Rolls Out 4 Brand-New CWEs for Microprocessor Security Bugs Goal is to give chip designers and security practitioners in the semiconductor space a better understanding of major microprocessor flaws like Meltdown and Spectre. LATEST FROM THE EDGE It's 10 p.m. Do You Know Where Your AI Models Are Tonight? Lack of AI model visibility and security puts the software supply chain security problem on steroids. LATEST FROM DR TECHNOLOGY Cloud Apps Make the Case for Pen-Testing-as-a-Service Applications are increasingly distributed, expanding companies' cloud attack surfaces and requiring regular testing to find and fix vulnerabilities — and avoid the risk of a growing sprawl of services. LATEST FROM DR GLOBAL Infrastructure Cyberattacks, AI-Powered Threats Pummel Africa Convincing phishing emails, synthetic identities, and deepfakes all have been spotted in cyberattacks on the continent. WEBINARS How To Optimize and Accelerate Cybersecurity Initiatives for Your Business How Supply Chain Attacks Work -- And How to Stop Them View More Dark Reading Webinars >> WHITE PAPERS Secure Access for Operational Technology at Scale Endpoint Best Practices to Block Ransomware Fortinet Named a Leader in the Forrester Wave: Zero Trust Edge (ZTE) Solutions 2023 Work-from-Anywhere Global Study Building Cyber Resiliency: Key Strategies for Proactive Security Operations Mandiant Threat Intelligence at Penn State Health The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023 View More White Papers >> FEATURED REPORTS Industrial Networks in the Age of Digitalization Zero-Trust Adoption Driven by Data Protection How Enterprises Assess Their Cyber-Risk View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us