Tag: CVE-2024-21412

3 Attack Reports | 0 Vulnerabilities

Attack reports

Exploiting CVE-2024-21412: A Stealer Campaign Unleashed

This report details a malicious campaign exploiting the CVE-2024-21412 vulnerability in Microsoft Windows SmartScreen to bypass security warnings and deliver malware. Attackers employ crafted links, LNK files, and HTA scripts to download decoy PDFs and shell code injectors, ultimately injecting ste…
malware
evasion
windows
stealer
CVE-2024-21412
injection
pdf
meduza stealer
2024-07-24
acr stealer
Published: July 24, 2024
Downloadable IOCs: 27

Increase In The Exploitation Of Microsoft SmartScreen Vulnerability CVE-2024-21412

Cyble analyzes an ongoing campaign exploiting a Microsoft SmartScreen vulnerability to deliver stealers through spam emails. The campaign employs lures related to healthcare, transportation, and tax notices to trick users into downloading malicious payloads. It utilizes techniques like DLL sideload…
phishing
vulnerability
stealer
CVE-2024-21412
spam
malicious
2024-07-11
lumma
meduza stealer
Published: July 11, 2024
Downloadable IOCs: 12

The Darkgate Menace: Leveraging Autohotkey & Attempt to Evade Smartscreen

This report details a novel infection chain associated with DarkGate malware, a Remote Access Trojan (RAT) that exploits the AutoHotkey utility and attempts to bypass Microsoft Defender SmartScreen. The infection begins with an HTML-based entry point or an XLS file, utilizing techniques such as dis…
html
autohotkey
darkgate
CVE-2023-36025
CVE-2024-21412
microsoft defender smartscreen
xls file
Published: April 30, 2024
Downloadable IOCs: 15
Click here to see more Attack Reports