Best of Zero-Day 2024

  1. Video
    David Bombal · 2y

    Reverse Engineering 101 tutorial with the amazing Stephen Sims!

  2. Article
    Arctic Wolf · 2y

    Anatomy of a Cyber Attack: PAN-OS Firewall Zero-Day | Arctic Wolf

    In April 2024, Palo Alto Networks disclosed a critical zero-day vulnerability, CVE-2024-3400, affecting their PAN-OS firewalls with a severity score of 10.0. The vulnerability allows remote attackers to execute arbitrary code with root privileges. Upon its disclosure, approximately 22,542 internet-exposed firewall devices were vulnerable. Security teams quickly worked to mitigate the threat, stopping attacks in their tracks with proactive measures. Arctic Wolf prevented exploitation through active customer communication and monitoring, successfully thwarting multiple attacks and preventing ransomware infections.

  3. Article
    Hacker News · 2y

    Windows 0-day was exploited by North Korea to install advanced rootkit

    A recent Windows zero-day vulnerability, CVE-2024-38193, exploited by North Korean hackers, was used to install advanced rootkit malware. The exploit allowed attackers to gain system privileges, bypass security, and target sensitive sectors such as cryptocurrency and aerospace. The malware, FudModule, is known for its deep integration into the Windows kernel, making it difficult to detect and prevent. Researchers have linked this activity to the Lazarus Group, a notorious hacking organization backed by the North Korean government.