Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign

July 24, 2024 at 03:11PM A critical Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) patched in February is still being exploited in infostealing attacks globally. Exploiting SmartScreen’s security bypass allows attackers to disguise malicious code in images and trigger downloads, compromising data from various applications. Organizations with delayed Microsoft patch cycles are particularly vulnerable, emphasizing the need for …

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

July 24, 2024 at 03:04AM A Microsoft Defender SmartScreen security flaw, CVE-2024-21412, was exploited in a campaign targeting Spain, Thailand, and the U.S. to deliver ACR Stealer, Lumma, and Meduza. Attackers use booby-trapped files to drop malicious payloads, bypassing SmartScreen protection. This highlights the ongoing threat of information stealers and the need for vigilance in …

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

March 14, 2024 at 02:23AM DarkGate malware exploits a fixed Windows Defender SmartScreen flaw to install fake software, overcoming security checks. This flaw, tracked as CVE-2024-21412, allows attackers to execute files automatically. Trend Micro reports that DarkGate operators are using this vulnerability to enhance infection rates. The campaign involves a multi-step infection chain and employs …

DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack

March 14, 2024 at 01:21AM In mid-January 2024, a DarkGate malware campaign leveraged a Microsoft Windows security flaw, leading to attacks targeting financial institutions. The flaw, CVE-2024-21412, was fixed in February 2024, but not before being exploited in conjunction with Google Ads open redirects. This tactic allowed threat actors to distribute malicious software installers, resulting …

Windows Zero-Day Exploited in Attacks on Financial Market Traders

February 14, 2024 at 07:09AM Microsoft’s latest Patch Tuesday resolves over 70 vulnerabilities, including two zero-day exploits used in attacks on financial market traders by the Water Hydra threat group. Trend Micro described the attacks, outlining the exploitation of CVE-2024-21412 to deliver DarkMe malware. It affects Windows Server 2019, Windows Server 2022, Windows 10, and Windows …

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

February 14, 2024 at 12:51AM Microsoft has released 73 patches to address security flaws in its software lineup for February 2024’s Patch Tuesday updates. This includes 5 Critical, 65 Important, and 3 Moderate vulnerabilities, along with fixes for the Chromium-based Edge browser. Among the critical flaws is a bypass vulnerability in Windows SmartScreen and Internet …

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

February 13, 2024 at 03:16PM Microsoft issued a patch for CVE-2024-21412, a zero-day SmartScreen vulnerability used by the Water Hydra APT group to target financial market traders. Trend Micro protects customers from this, emphasizing the importance of proactive cybersecurity measures and a dedicated bug bounty program. Trend customers have been protected since January 17 via …