#SmartScreenVulnerability

Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign

by

July 24, 2024 at 03:11PM A critical Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) patched in February is still exploited in infostealing attacks globally. Exploiting SmartScreen’s security bypass allows attackers to disguise malicious code in images and trigger downloads, compromising data from various applications. Organizations with delayed Microsoft patch cycles are particularly vulnerable, emphasizing the need for … Read more

Hackers abuse Windows SmartScreen flaw to drop DarkGate malware

by

March 13, 2024 at 05:26PM The DarkGate malware exploits Windows Defender SmartScreen vulnerability, allowing attackers to automatically install fake software. Microsoft fixed the flaw in mid-February, but DarkGate operators are still using it to infect targeted systems. The attack involves malicious emails with PDF attachments, using open redirects to bypass security checks. Once executed, the … Read more

Windows SmartScreen flaw exploited to drop Phemedrone malware

by

January 15, 2024 at 01:34PM Phemedrone malware exploits Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass security prompts in Windows. It steals data from web browsers, cryptocurrency wallets, and apps like Discord and Steam. The flaw was fixed in November 2023, but unpatched systems remain at risk. Trend Micro researchers have identified the specific apps and … Read more