Hackers exploited #Windows 0-day for 6 months after #Microsoft knew of it

Source: https://arstechnica.com/security/2024/03/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-of-it/

Even after Microsoft patched the #vulnerability last month, the company made no mention that the North Korean threat group #Lazarus had been using the vulnerability since at least August to install a stealthy #rootkit on vulnerable computers. The vulnerability provided an easy and stealthy means for #malware that had already gained administrative system rights to interact with the Windows #kernel. Lazarus used the vulnerability for just that. Even so, Microsoft has long said that such admin-to-kernel elevations don’t represent the crossing of a security boundary, a possible explanation for the time Microsoft took to fix the vulnerability.

#software #news #security #cybercrime #bug #exploit #0day #fail #economy #problem #politics #hack #Hackers #trust #risk

Hackers exploited Windows 0-day for 6 months after Microsoft knew of it

Technically, Microsoft doesn't consider such bugs vulnerabilities. It patched it anyway.

#Lazarus Group Is Still Juicing #Log4Shell, Using RATs Written in 'D'

source: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Two years on and multiple “the sky is falling” headlines later, Veracode reported last week that more than a third (38%) of all in-use applications are still using vulnerable versions of #Log4j.

#software #fail #bug #security #NorthKorea #attack #problem #news #cybersecurity #update #economy

Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'

The infamous vulnerability may be on the older side at this point, but North Korea's primo APT Lazarus is creating new, unique malware around it at a remarkable clip.

North Korean hackers target gamers in $615m crypto heist - US

The hack is likely one of the biggest ever to hit the crypto world.

CryptoGames are a horribly bad idea, rife with theft, scams and con artists. Just don't fall for them. Don't play games that are CryptoCurrency "earning" schemes, they end this way or with pump-n-dump plays.

Another Crypto Currency Crime RIng...I'm Shocked :-)

#Crypto #Cryptocurrency #Cryptocrime #BBC #CryptoGames #AxieInfinity #Gaming #ComputerGames #Lazarus #NorthKorea

North Korean hackers target gamers in $615m crypto heist - US

Crypto worth at least $615 million was stolen from players of popular online game Axie Infinity.

Le FBI accuse des pirates nord-coréens du plus grand vol de cryptomonnaies de tous les temps

Des hackers nord coreens auraient volé de la cryptomonnaie.
Et pourquoi pas des billets de Monopoly. Au moins ces derniers polluent bien moins.
Donc vive le vol de #cryptomonnaie . Si vous pouviez détruire les serveurs des mines au passage, ça serait bon pour la Planète.

https://www.phonandroid.com/le-fbi-accuse-des-pirates-nord-coreens-du-plus-grand-vol-de-cryptomonnaies-de-tous-les-temps.html

#lazarus #vol #etherum #bitcoin #planete #environnement #blockchain

Le FBI accuse des pirates nord-coréens du plus grand vol de cryptomonnaies de tous les temps

Le FBI accuse deux groupes de pirates nord-coréens d'être à l'origine du hack de Ronin et du vol de 625 millions de dollars en cryptomonnaies.

The #Lazarus #heist: How North #Korea almost pulled off a billion-dollar #hack

Source: https://www.bbc.com/news/stories-57520169

"The transactions… were held up at the #Fed because the address used in one of the orders included the word 'Jupiter', which is also the name of a sanctioned Iranian shipping vessel," says Carolyn Maloney.

Just the mention of the word "Jupiter" was enough to set alarm bells ringing in the Fed's automated computer systems.

#swift #bank #history #news #security #cybercrime #malware #hacker

The Lazarus heist: How North Korea almost pulled off a billion-dollar hack

In 2016 North Korean hackers planned a $1bn raid on Bangladesh's national bank and came within an inch of success. But how did they do it?