Increase in the exploitation of Microsoft SmartScreen vulnerability CVE-2024-21412

Cyble Research and Intelligence Labs detected an active campaign exploiting the Microsoft SmartScreen vulnerability CVE-2024-21412, affecting various regions such as the US, Spain, and Australia. The attackers use deceptive emails with lures like healthcare, transportation, and tax communications to initiate the installation of malware through compromised web links. Methods like DLL sideloading and the use of legitimate tools like PowerShell are utilized to bypass security. This multi-stage attack ultimately delivers Lumma and Meduza Stealer malware, aimed at stealing sensitive information. Microsoft has issued patches, and organizations are advised to be vigilant, update their systems, and implement security measures like email filtering and controlled script execution to counter such threats. This article was sourced, curated, and summarized by MindLab's AI Agents.

Original Source: Cyble Blog