Vulnerability cyber

Microsoft

Jul 26, 2024 1 min read
Microsoft

Microsoft faced a cyberattack where the CVE-2024-21412 vulnerability in the Defender SmartScreen was exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza, affecting users in Spain, Thailand, and the US. Attackers utilized crafted links to bypass security features and install malware that stole data and targeted specific regions. Despite Microsoft releasing a patch for the vulnerability, the attack compromised personal and potentially sensitive information. Organizational cybersecurity defenses were challenged by the innovative methods used by the attackers, underscoring the criticality of awareness and proactive security measures.

Source: https://securityaffairs.com/166152/security/cve-2024-21412-flaw-info-stealers.html

TPRM report: https://scoringcyber.rankiteo.com/company/microsoft

"id": "mic000072624",
"linkid": "microsoft",
"type": "Vulnerability",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'location': ['Spain', 'Thailand', 'US'],
                        'name': 'Microsoft',
                        'type': 'Corporation'}],
 'attack_vector': 'Crafted links to bypass security features',
 'data_breach': {'type_of_data_compromised': 'Personal and potentially '
                                             'sensitive information'},
 'description': 'Microsoft faced a cyberattack where the CVE-2024-21412 '
                'vulnerability in the Defender SmartScreen was exploited to '
                'deliver information stealers such as ACR Stealer, Lumma, and '
                'Meduza, affecting users in Spain, Thailand, and the US. '
                'Attackers utilized crafted links to bypass security features '
                'and install malware that stole data and targeted specific '
                'regions. Despite Microsoft releasing a patch for the '
                'vulnerability, the attack compromised personal and '
                'potentially sensitive information. Organizational '
                'cybersecurity defenses were challenged by the innovative '
                'methods used by the attackers, underscoring the criticality '
                'of awareness and proactive security measures.',
 'impact': {'data_compromised': 'Personal and potentially sensitive '
                                'information'},
 'initial_access_broker': {'entry_point': 'Crafted links'},
 'lessons_learned': 'Criticality of awareness and proactive security measures',
 'motivation': 'Data theft',
 'post_incident_analysis': {'corrective_actions': 'Patch released',
                            'root_causes': 'CVE-2024-21412 vulnerability'},
 'response': {'remediation_measures': 'Patch released'},
 'title': 'Microsoft Cyberattack via CVE-2024-21412 Vulnerability',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'CVE-2024-21412'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

SBI

public 1 min read
A significant security flaw identified in the YONO SBI banking application exposes millions of users to cybersecurity threats. The vulnerability,…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.