The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive. This vulnerability was previously unknown which exists in the appid.sys AppLocker driver. This vulnerability has been assigned with CVE-2024-21338 and has been addressed by Microsoft on their February patch. Once established, threat actors … Continue reading Lazarus Hackers Exploited Windows kernel 0-day In The Wild