Hackers bypass Windows SmartScreen flaw to launch malware
Cybercriminals are exploiting a Microsoft Defender vulnerability (CVE-2024-21412) to install malware undetected. Many systems remain unpatched, making them vulnerable. Users should update Windows and be cautious with email attachments.
Cybercriminals are exploiting a vulnerability in Microsoft Defender, identified as CVE-2024-21412, to install malware without triggering the Windows SmartScreen protection. Despite a patch released by Microsoft in February, many Windows systems remain unpatched, making them susceptible to attacks. The vulnerability allows attackers to embed malicious URLs in .lnk files, enabling malware execution without detection. Fortinet's global security strategist, Aamir Lakhani, noted that attackers employ various methods to execute the malicious payload, including disguising executables and using .DLL sideloading. Phishing emails are the most common initial attack vector, often using deceptive lures related to healthcare, transportation, and taxes. Other tactics include exploiting Open Redirect links to lead victims to compromised servers. The malware typically provides backdoor access, credential theft, and remote keylogging capabilities. Users and administrators can mitigate the risk by updating Windows, which resolves the vulnerability, and by being cautious with email attachments from untrusted sources.
Related
Windows: Insecure by Design
Ongoing security issues in Microsoft Windows include vulnerabilities like CVE-2024-30080 and CVE-2024-30078, criticized for potential remote code execution. Concerns raised about privacy with Recall feature, Windows 11 setup, and OneDrive integration. Advocacy for Linux desktops due to security and privacy frustrations.
Windows: Insecure by Design
The article discusses ongoing security issues with Microsoft Windows, including recent vulnerabilities exploited by a Chinese hacking group, criticism of continuous patch releases, concerns about privacy invasion with Recall feature, and frustrations with Windows 11 practices. It advocates for considering more secure alternatives like Linux.
Microsoft tells yet more customers their emails have been stolen
Microsoft notifies customers of email theft by Russian criminals, expanding breach scope. Compromised accounts' correspondents informed. US auto dealers face disruptions from cyber incident linked to CDK software. Rabbit R1 AI devices' security flaw disclosed. EU sanctions Russians for cyber attacks.
CrowdStrike IT outage affected 8.5M Windows devices, Microsoft says
Microsoft reports a major global IT outage due to a faulty CrowdStrike update affecting 8.5 million Windows devices. Cybersecurity measures are stressed to prevent further disruptions and hacking attempts.
Microsoft says 8.5M systems hit by CrowdStrike BSOD, releases USB recovery tool
Microsoft addressed issues caused by a faulty CrowdStrike security update affecting 8.5 million Windows systems. A USB recovery tool was released to delete the problematic file, emphasizing the need for thorough update testing.
Most important info for end users, I think.