Tag: CVE-2024-21412

This report details a malicious campaign exploiting the CVE-2024-21412 vulnerability in Microsoft Windows SmartScreen to bypass security warnings and deliver malware. Attackers employ crafted links, LNK files, and HTA scripts to download decoy PDFs and shell code injectors, ultimately injecting ste…

Cyble analyzes an ongoing campaign exploiting a Microsoft SmartScreen vulnerability to deliver stealers through spam emails. The campaign employs lures related to healthcare, transportation, and tax notices to trick users into downloading malicious payloads. It utilizes techniques like DLL sideload…

This report details a novel infection chain associated with DarkGate malware, a Remote Access Trojan (RAT) that exploits the AutoHotkey utility and attempts to bypass Microsoft Defender SmartScreen. The infection begins with an HTML-based entry point or an XLS file, utilizing techniques such as dis…