#CVE202438178

Malicious ads exploited Internet Explorer zero day to drop malware

October 16, 2024 by Xynik

October 16, 2024 at 10:08AM North Korean hacking group ScarCruft executed a large-scale attack in May using an Internet Explorer zero-day vulnerability (CVE-2024-38178) to disseminate the RokRAT malware via deceptive toast ads. A joint report from South Korea’s NCSC and AhnLab highlights the threat, with Microsoft releasing a security update in August 2024. **Meeting Notes … Read more

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

October 16, 2024 by Xynik

October 16, 2024 at 07:45AM North Korean group ScarCruft exploited a zero-day vulnerability (CVE-2024-38178) in Windows to deploy RokRAT malware via a compromised advertising server. Users are tricked into clicking malicious links. This incident showcases ScarCruft’s evolving techniques, emphasizing the need for software updates to enhance security against such threats. ### Meeting Takeaways – October … Read more