{"vulnerability": "CVE-2024-21412", "sightings": [{"uuid": "2392f1b9-8a0e-4b52-b689-5eabe3e00fbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/14/cve-2024-38213-copy2pwn-exploit-evades-windows-web-protections", "content": "", "creation_timestamp": "2024-08-15T15:41:52.000000Z"}, {"uuid": "8730d722-45a2-48a9-a982-1a539d37daa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-02-13T21:10:03.000000Z"}, {"uuid": "f8aee9ad-26e9-42d8-8bd8-abf5e8a60a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "MISP/9c9b48f3-b1ea-49bb-a23f-748ce03c1098", "content": "", "creation_timestamp": "2024-02-24T20:55:46.000000Z"}, {"uuid": "ef4ba88e-973d-4c7f-a9bc-4fae5f3cee0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://www.thezdi.com/blog/2025/1/8/zdi-threat-hunting-2024-highlights-trends-amp-challenges", "content": "", "creation_timestamp": "2025-01-08T16:07:59.000000Z"}, {"uuid": "aa577fbe-3fe6-47de-886e-f29fc9cea663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfaqqapmib2c", "content": "", "creation_timestamp": "2025-01-08T18:03:06.992253Z"}, {"uuid": "ad3375c1-d193-46be-b729-a3edef353af7", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfaqqb4ci62o", "content": "", "creation_timestamp": "2025-01-08T18:03:07.997384Z"}, {"uuid": "d7849177-2330-40ce-95dd-6473cbfe13a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3ll5pwzskst2p", "content": "", "creation_timestamp": "2025-03-24T21:42:12.177074Z"}, {"uuid": "7d0a05a2-93d5-4556-8fca-9f34c9f7fdc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkref3u5qw2t", "content": "", "creation_timestamp": "2025-03-19T23:43:21.909482Z"}, {"uuid": "838f5207-605c-4f02-aadd-2659a2824085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:52.000000Z"}, {"uuid": "d160e9b0-114c-49e4-bacd-da1a9ac0754e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1767-e109-c566-f76675470821", "content": "", "creation_timestamp": "2025-03-24T07:40:56.930794Z"}, {"uuid": "81e4e7ab-795c-46b6-b8c0-2a2f9d6cc67a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": 
"https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/00ec6948-99b5-4263-a539-7f4f40868688", "content": "", "creation_timestamp": "2026-02-02T12:26:41.270289Z"}, {"uuid": "6bcd23e9-5bf9-4921-ba44-145bdc3ba264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "MISP/9c9b48f3-b1ea-49bb-a23f-748ce03c1098", "content": "", "creation_timestamp": "2025-07-02T17:25:50.000000Z"}, {"uuid": "7e78b461-3aa6-4b4f-9559-9a609d40fd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c9b5ed00-a042f795a585f1dc", "content": "", "creation_timestamp": "2025-06-03T15:21:26.822830Z"}, {"uuid": "19b7898b-5e65-4050-b001-6b4b35a65f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:25.000000Z"}, {"uuid": "1816eae8-6218-4dd1-aa00-5fe080c41684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrwwhxlrohf2", "content": "", "creation_timestamp": "2025-06-19T06:47:15.272942Z"}, {"uuid": "0afbec90-a131-44a6-a512-24ab5459a591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/kasperskyb2b/1221", "content": "\ud83d\udcbb \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 
\u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439: \u0434\u0432\u0430 0-day \u0438 \u043a\u0430\u0448\u0430 \u0432 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0435\n\nMicrosoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0432 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 150 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445  \u0432\u0441\u0435\u0433\u043e \u0442\u0440\u0438 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 (\u0432\u0441\u0435 \u2014 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Defender for IoT). \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u043b\u044f\u043b\u0430, \u0447\u0442\u043e \u043d\u0438 \u043e\u0434\u043d\u0430 \u0434\u044b\u0440\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432\u0436\u0438\u0432\u0443\u044e, \u043d\u043e \u0441\u043f\u0443\u0441\u0442\u044f \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u0440\u0440\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438. 
CVE-2024-26234 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0443 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0430 CVE-2024-29988 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c Windows SmartScreen. \u041e\u043d \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u0442\u043e\u0440\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 (CVE-2024-21412). \u0420\u0430\u043d\u0435\u0435 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u043c \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 ransomware. \n\n\u041f\u043e\u0447\u0442\u0438 \u0432\u0441\u0435 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u044b\u0440\u044b \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 important. 
\u0410\u0436 67 \u0448\u0442\u0443\u043a \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 31 \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 27 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 12 \u2014 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 7 DoS. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e Microsoft \u043d\u0430\u0447\u0430\u043b\u0430 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u0442\u0438\u043f \u0434\u0435\u0444\u0435\u043a\u0442\u0430 (CWE) \u0432 \u043a\u0430\u0440\u0442\u043e\u0447\u043a\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u043c\u0435\u044e\u0449\u0438\u0445 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0443\u0449\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 RCE \u0432 RPC (CVE-2024-20678) \u0438 \u0432 Excel (CVE-2024-26257).\n\n\u0426\u0435\u043b\u044b\u0445 41 CVE \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u043c ODBC (Open Database Connectivity), \u0432\u0438\u0434\u0438\u043c\u043e \u0432 \u043d\u0438\u0445 \u0432\u0441\u0435\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 
\u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0442\u044f\u043d\u0443\u043b \u043d\u0430 CVSS 8.8. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0441\u043b\u043e\u0436\u043d\u043e\u0432\u0430\u0442\u0430 \u2014 \u043d\u0430\u0434\u043e \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 SQL-\u0441\u0435\u0440\u0432\u0435\u0440\u0443. \n\n\u0415\u0449\u0451 24 CVE \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 secure boot. 
\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0441 secure boot, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0430 \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u0440\u0443\u0447\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0435\u0439 \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f DBX.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-04-10T09:11:17.000000Z"}, {"uuid": "445f19a8-b541-4df0-8471-e24a6b6d418b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "https://t.me/dfirclub/93", "content": "\u0633\u0646\u062f \u0631\u0627\u0647\u0646\u0645\u0627\u06cc SOC \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u067e\u0627\u0633\u062e\u06af\u0648\u06cc\u06cc \u0628\u0647 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-21412", "creation_timestamp": "2024-08-03T07:42:04.000000Z"}, {"uuid": "213a269d-480b-4198-90b5-5817b52cc5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/itsec_news/4112", "content": "\u200b\u26a1\ufe0f\u0412 Windows \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u0430\u044f 24-\u043b\u0435\u0442\u043d\u044f\u044f 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udcac \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 Patch Tuesday \u043e\u0442 Microsoft, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u043c \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 73 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0438 \u043e\u0434\u043d\u0430 \u043f\u043e-\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0434\u0440\u0435\u0432\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Windows \u0443\u0436\u0435 24 \u0433\u043e\u0434\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 5 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0443\u0441 \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb, 65 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u00ab\u0432\u0430\u0436\u043d\u044b\u0435\u00bb, \u0430 \u0435\u0449\u0451 3 \u2014 \u043a\u0430\u043a 
\u00ab\u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435\u00bb. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 24 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0432 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Microsoft \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium \u2014 Edge.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c:\n\nCVE-2024-21351 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.6), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b Windows SmartScreen;\nCVE-2024-21412 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.1), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 \u044f\u0440\u043b\u044b\u043a\u043e\u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\nMicrosoft \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-21351, \u0443\u043a\u0430\u0437\u0430\u0432 \u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c 
\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0441\u0431\u043e\u044f\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0410 CVE-2024-21412 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0436\u0435\u0440\u0442\u0432\u0435.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 Known Exploited Vulnerabilities (KEV) \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (CISA), \u0441 
\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0435\u0439 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430\u043c \u0421\u0428\u0410 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a 5 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\nCVE-2024-20684 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 6.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Hyper-V, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438;\nCVE-2024-21357 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Windows Pragmatic General Multicast (PGM);\nCVE-2024-21380 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.0) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Dynamics Business Central / NAV, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438;\nCVE-2024-21410 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 
\u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Exchange Server;\nCVE-2024-21413 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Microsoft Outlook.\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 CVE-2023-50387 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) \u0432 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 DNSSEC, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0432\u0448\u0435\u0439 \u0432 Windows \u0446\u0435\u043b\u044b\u0445 24 \u0433\u043e\u0434\u0430 . 
\u041e\u043d\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 CPU \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 DNS-\u0440\u0435\u0437\u043e\u043b\u0432\u0435\u0440\u043e\u0432, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 Microsoft, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. 
\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 Adobe, AMD, ASUS, Cisco, Intel, Ivanti, Lenovo \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435, \u0447\u0442\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0442\u0443 \u043f\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-14T16:13:10.000000Z"}, {"uuid": "cfbe21d6-1a7e-4ced-b914-0af5d44232e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/dfirclub/92", "content": "\u0633\u0646\u062f \u0631\u0627\u0647\u0646\u0645\u0627\u06cc SOC \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u067e\u0627\u0633\u062e\u06af\u0648\u06cc\u06cc \u0628\u0647 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-21412\n\n\ud83d\udc47\ud83d\udc47\ud83d\udc47\ud83d\udc47\ud83d\udc47\ud83d\udc47", "creation_timestamp": "2024-08-03T07:41:50.000000Z"}, {"uuid": "f975d79d-074a-4396-9477-8800f87ba9fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1227", "content": "", "creation_timestamp": "2024-02-14T04:00:00.000000Z"}, {"uuid": "5ba99bad-f1cc-498c-ba69-ee519931e7a0", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "Telegram/9tWPShhc-B80D15Jzpx2wrxLzZESeURGCxUAWEfW_D8H9w", "content": "", "creation_timestamp": "2024-02-14T09:38:20.000000Z"}, {"uuid": "ab49e2f3-3f75-42e1-a8a9-591bde79bcdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1353", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udcbb \u0426\u0435\u043b\u0430\u044f \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0441\u0432\u0435\u0436\u0438\u0445 \u043e\u0442\u0447\u0451\u0442\u043e\u0432 \u043f\u043e \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 Andariel/APT45/Onyx Sleet: \u043e\u0442 Google, Microsoft, CISA.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u041e\u0431\u0437\u043e\u0440 \u043a\u0438\u0431\u0435\u0440\u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0430 \u043e\u0442 \u0415\u0432\u0440\u043e\u043f\u043e\u043b\u0430 (IOCTA 2024). 
\u041f\u043e\u043b\u0438\u0446\u0435\u0439\u0441\u043a\u0438\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0431\u0430\u043d\u0434\u044b ransomware \u0441\u0442\u0430\u043b\u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u0438\u0442\u044c\u0441\u044f \u00ab\u0431\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445\u00bb RaaS \u0438 \u0432 \u0446\u0435\u043b\u043e\u043c \u0441\u0442\u0430\u0440\u0430\u044e\u0442\u0441\u044f \u0431\u044b\u0442\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u0435\u0435, \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043f\u043e\u0434 \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u0430\u043c\u0438 \u0438 \u0447\u0430\u0449\u0435 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0443\u0449\u0435\u0440\u0431 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043c\u0435\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0442\u0435\u043d \u043c\u0438\u0440\u0443.\n\n\ud83e\udd2c \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0412\u041f\u041e \u0447\u0435\u0440\u0435\u0437 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub. 
\u0413\u0440\u0443\u043f\u043f\u0430 Stargazer Goblin \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0431\u043e\u043b\u0435\u0435 3000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u044b.\u00a0 \u0415\u0441\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0432\u0435\u0434\u0451\u0442\u0441\u044f \u0438 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0431\u043b\u043e\u0433\u0430\u0445 WordPress.\n\n\u0411\u043e\u043b\u044c\u0448\u043e\u0439 \u043e\u0431\u0437\u043e\u0440 \u0410\u0420\u0422, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b APT10 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u0433\u043e \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0437\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u042f\u043f\u043e\u043d\u0438\u0438.\n\n\ud83d\udd0d \u0410\u043d\u0430\u043b\u0438\u0437 
\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0439 \u0437\u0430\u043a\u0440\u044b\u0442\u0443\u044e \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 CVE-2024-21412 \u0432 Windows SmartScreen \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f Lumma Stealer \u0438 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u0412\u041f\u041e \u0432 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0421\u0428\u0410.\n\n\u2620\ufe0f \u041d\u043e\u0432\u044b\u0439 \u0448\u0442\u0430\u043c\u043c ransomware Cronus \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0447\u0435\u0440\u0435\u0437 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438, \u0438\u043c\u0438\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 PayPal.\n\n\ud83e\udda1 \u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 Latrodectus (\u043f\u0440\u0435\u0435\u043c\u043d\u0438\u043a\u0430 IcedID) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 Brute Ratel C4 badger. 
\n\n\u0410 \u0432 \u043f\u043e\u043b\u043a\u0443 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u2014 \u0432 Telegram \u043d\u0430 \u043f\u043e\u0440\u0442\u0443\u0433\u0430\u043b\u044c\u0441\u043a\u043e\u043c \u044f\u0437\u044b\u043a\u0435 \u0440\u0435\u043a\u043b\u0430\u043c\u0438\u0440\u0443\u044e\u0442 Flame Stealer\n\n\ud83c\udf10 \u041e\u0431\u0437\u043e\u0440 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u043e\u0433\u043e \u0412\u041f\u041e, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u041b\u0430\u0442\u0438\u043d\u0441\u043a\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435.\n\n\ud83c\udf9b \u041f\u0440\u043e\u0441\u0442\u043e\u0439 \u043b\u0430\u0439\u0444\u0445\u0430\u043a, \u043e\u0442\u0441\u0435\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u043d\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0438 BEC.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2024-07-29T11:46:32.000000Z"}, {"uuid": "05d444b4-0bf9-4a0b-be6d-4995811e13f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "Telegram/Caug4k6-C7Lek1sWMonxk9aGHMiAeAT0mcY99G6Goka2Bw", "content": "", "creation_timestamp": "2024-07-24T12:04:38.000000Z"}, {"uuid": "b9f5c89e-9a79-4c5e-91c3-3148bf48b4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/kasperskyb2b/1136", "content": "Microsoft Patch Tuesday: \u043b\u0443\u0447\u0448\u0435\u0435, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0432\u043f\u0435\u0440\u0435\u0434\u0438! \ud83d\ude0e \n\n\u0414\u043b\u044f \u0432\u043b\u044e\u0431\u043b\u0451\u043d\u043d\u044b\u0445 \u0432 \u0441\u0432\u043e\u044e \u0440\u0430\u0431\u043e\u0442\u0443, \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0448\u0451\u043b\u0441\u044f \u043a\u0430\u043a \u0440\u0430\u0437 \u0432 \u043a\u0430\u043d\u0443\u043d \u0434\u043d\u044f \u0432\u043b\u044e\u0431\u043b\u0451\u043d\u043d\u044b\u0445, \u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0439 \u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u043d \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Office \u0438 Exchange Server.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Outlook (CVE-2024-21413, CVSS 9.8) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0431\u0443\u0434\u0443\u0447\u0438 \u043f\u0440\u0438\u0441\u043b\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u043f\u043e\u0447\u0442\u0435, \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 (protected view) \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a 
\u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 NTLMv2 \u0438 \u0434\u0430\u0436\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u041f\u0430\u0442\u0447\u0438 \u043d\u0430 2016-\u044e \u043b\u0438\u043d\u0435\u0439\u043a\u0443 Office \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u043d\u043e \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Exchange Server (CVE-2024-21410, CVSS 9.8) \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 PtH, \u043f\u043e\u0432\u044b\u0448\u0430\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e. 
\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u044d\u0442\u043e\u0439 \u0434\u044b\u0440\u044b \u0432 Microsoft \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u043a\u0430\u043a \u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0443\u044e.\n\n\u0425\u043e\u0442\u044f \u043e\u0431\u0430 \u0431\u0430\u0433\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043d\u0430 \u043d\u0438\u0445 \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043f\u0440\u044f\u043c\u043e \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u043e\u0442\u0440\u044f\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 APT, \u0443\u0436 \u043e\u0447\u0435\u043d\u044c \u043e\u043d\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445 \u0430\u0442\u0430\u043a. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0435\u0433\u043e\u0434\u043d\u044f, \u0442\u043e \u0437\u0430\u0432\u0442\u0440\u0430 \u0443\u0436\u0435 \u0442\u043e\u0447\u043d\u043e \u043d\u0430\u0434\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438\u043d\u0433. \n\n\u041c\u0435\u043d\u0435\u0435 \u0432\u043f\u0435\u0447\u0430\u0442\u043b\u044f\u044e\u0449\u0438\u0435, \u043d\u043e \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u044d\u0442\u043e\u0442 \u0432\u0442\u043e\u0440\u043d\u0438\u043a: CVE-2024-21412  \u0438 -21351 (CVSS 8.1 \u0438 7.6).  
\u041e\u0431\u0435 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Windows Smartscreen. \u041f\u0440\u043e \u043f\u0435\u0440\u0432\u0443\u044e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u043e\u0439 DarkCasino/WaterHydra \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.   \n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 MS Edge, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u0435\u043b\u0435\u0439 \u0440\u0430\u043d\u0435\u0435, Microsoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 73 \u0434\u044b\u0440\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 30 RCE, 16 EoP, 9 DoS \u0438 10 Spoofing. 
\u0420\u0435\u0439\u0442\u0438\u043d\u0433 critical \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, important \u2014 65.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0434\u0435\u043b\u044f\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435\u043c \u0438 \u043f\u0430\u0442\u0447\u0438 Adobe, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043a\u0440\u044b\u043b\u0430 29 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Acrobat \u0438 Reader, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 5 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE. \u041f\u0440\u0430\u0432\u0434\u0430, \u043d\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u0431\u0430\u0433\u043e\u0432 \u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0435\u043d \u043a\u0430\u043a \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-15T08:35:24.000000Z"}, {"uuid": "431f623f-4e2e-4688-9633-fa5489d91c72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/cibsecurity/78258", "content": "\ud83e\udd85 Increase in the exploitation of Microsoft SmartScreen vulnerability CVE-2024-21412 \ud83e\udd85\n\n  Key Takeaways\u00a0    Cyble Research and Intelligence Labs (CRIL) recently came across an active campaign exploiting the Microsoft SmartScreen vulnerability CVE-2024-21412.\u00a0\u00a0     The ongoing campaign targets multiple regions, including Spain, the US, and Australia.\u00a0     It employs lures related to healthcare insurance 
schemes, transportation notices, and tax-related communications to deceive individuals and organizations into downloading malicious payloads onto their machines.\u00a0     The infection starts with a spam email containing a link that redirects users to a WebDAV share using a search protocol, deceiving them into executing a malicious internet shortcut file, exploiting CVE-2024-21412.\u00a0     The threat actors (TAs) conducted a multistage attack utilizing legitimate tools such as forfiles.exe,...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-07-05T16:49:36.000000Z"}, {"uuid": "7e946d3b-71ef-4275-9731-053a8f84598e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "Telegram/fQQVtHg9ebYyeOTzc0uDHqaGvdFmkBmrFaYBrTx0HcA7CQ", "content": "", "creation_timestamp": "2024-07-24T13:27:53.000000Z"}, {"uuid": "8a2f4f55-2688-4ea4-aeb3-9b60bf91ce70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/15995", "content": "The Hacker News\nMicrosoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers\n\nA now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.\nFortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. 
using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).\nThe high-severity", "creation_timestamp": "2024-07-24T12:04:25.000000Z"}, {"uuid": "68b34aa3-5b46-4891-b58a-f3cfcfa1fc28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7483", "content": "\u200aMalicious Stealer Campaign Exploits Windows SmartScreen Flaw (CVE-2024-21412)\n\nhttps://securityonline.info/malicious-stealer-campaign-exploits-windows-smartscreen-flaw-cve-2024-21412/", "creation_timestamp": "2024-07-26T09:43:49.000000Z"}, {"uuid": "288254cd-2b19-4ca7-974e-b965306cb230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/HackingInsights/7442", "content": "\u200aHackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers\n\nhttps://securityaffairs.com/166152/security/cve-2024-21412-flaw-info-stealers.html", "creation_timestamp": "2024-07-25T18:59:11.000000Z"}, {"uuid": "41f47ff2-6dc5-4e8d-bcba-0151eec229c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/HackingInsights/7392", "content": "Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers\nhttps://ift.tt/jlnfXPW", "creation_timestamp": "2024-07-25T18:57:52.000000Z"}, {"uuid": "51273744-ac69-4031-a1b3-54a5148c7952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/HackingInsights/5200", "content": 
"\u200aCybercriminals Escalate Attacks Exploiting Microsoft SmartScreen Flaw (CVE-2024-21412)\n\nhttps://securityonline.info/cybercriminals-escalate-attacks-exploiting-microsoft-smartscreen-flaw-cve-2024-21412/", "creation_timestamp": "2024-07-08T09:52:00.000000Z"}, {"uuid": "f4e34a5a-01d7-4206-b18e-150ce211c878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3093", "content": "The Hacker News\nMicrosoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers\n\nA now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.\nFortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).\nThe high-severity", "creation_timestamp": "2024-07-24T12:04:25.000000Z"}, {"uuid": "2866362a-1095-408b-8510-53edecb51f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "Telegram/YAb_XeM0a4Yp_pkyZ39IudSwrYDr5yEW82KPZIVWNFDTnw", "content": "", "creation_timestamp": "2024-02-14T12:04:15.000000Z"}, {"uuid": "bee5fe05-54c8-46ab-a158-57a764cce6ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "Telegram/Qrw2oRbnJ2a7MwFSlHiKWFD8IZx564L4LyNxEjm90AOo0f4", "content": "", "creation_timestamp": "2024-07-11T09:26:33.000000Z"}, {"uuid": "36dfd18d-6b9f-4db3-9b61-6ade047f8882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/KomunitiSiber/2291", "content": "Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers\nhttps://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html\n\nA now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.\nFortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).\nThe high-severity", "creation_timestamp": "2024-07-24T09:08:52.000000Z"}, {"uuid": "f47451f5-f3a7-409d-a2de-468d7786c9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/443406", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"CVE-2024-21412: \u0431\u0438\u0440\u0436\u0435\u0432\u044b\u0435 \u0432\u043e\u043b\u043a\u0438 \u0432 \u043b\u043e\u0432\u0443\u0448\u043a\u0435 \u0442\u0440\u043e\u044f\u043d\u0430 DarkMe\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"15 Feb 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-02-15T15:41:05.000000Z"}, {"uuid": "ff00493c-9a08-4b16-8200-d5e34e4041dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "Telegram/8Dreh42LmTsnSqVAggSyaz4s4ScW3fzyuBYBFdCEP7Pr0hU", "content": "", "creation_timestamp": "2024-02-14T23:31:59.000000Z"}, {"uuid": "2390c8ef-b4db-400b-9796-20b8f6a912d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/KomunitiSiber/1487", "content": "DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability\nhttps://thehackernews.com/2024/02/darkme-malware-targets-traders-using.html\n\nA newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called\u00a0Water Hydra\u00a0(aka DarkCasino) targeting financial market traders.\nTrend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet", "creation_timestamp": "2024-02-14T08:49:43.000000Z"}, {"uuid": "b37c6c88-e9e9-4388-9d34-d3f042f4fe7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/true_secator/6642", "content": "Trend Micro \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 7-Zip, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows MoTW \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445 
\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u0440\u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u0437 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0430\u0440\u0445\u0438\u0432\u043e\u0432.\n\n7-Zip \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 MotW \u0432 \u0438\u044e\u043d\u0435 2022 \u0433\u043e\u0434\u0430, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 22.00. \u0421 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0444\u043b\u0430\u0433\u0438 MotW (\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u0442\u043e\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Zone.Id) \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c \u0444\u0430\u0439\u043b\u0430\u043c, \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u044b\u043c \u0438\u0437 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0430\u0440\u0445\u0438\u0432\u043e\u0432.\n\n\u041e\u043d\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u041e\u0421, \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0444\u0430\u0439\u043b\u044b \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u044b \u0438\u0437 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432, \u0430 \u0438\u0445 \u0437\u0430\u043f\u0443\u0441\u043a \u0442\u0430\u043a\u0438\u0445 
\u0444\u0430\u0439\u043b\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u043c\u0443 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044e.\n\n\u041f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0442\u0430\u043a\u043e\u0433\u043e \u0444\u043b\u0430\u0433\u0430 Microsoft Office \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442 \u0440\u0435\u0436\u0438\u043c \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f\u00bb \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442 \u0432\u0441\u0435 \u043c\u0430\u043a\u0440\u043e\u0441\u044b.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438 \u0432 Trend Micro, CVE-2025-0411 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445 \u0441\u0432\u043e\u0438\u0445 
\u0446\u0435\u043b\u0435\u0439.\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0446\u0435\u043b\u044c \u0434\u043e\u043b\u0436\u043d\u0430 \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 \u0438\u043b\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0430\u0440\u0445\u0438\u0432\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u043f\u0440\u0438 \u0440\u0430\u0437\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 7-Zip \u043d\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0444\u043b\u0430\u0433\u0438 MotW \u043d\u0430 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 
\u0434\u043b\u044f RCE \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 7-Zip \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a030 \u043d\u043e\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430\u00a0\u0432\u043c\u0435\u0441\u0442\u0435 \u0441 7-Zip 24.09. \n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438, 7-Zip File Manager \u043d\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b \u043f\u043e\u0442\u043e\u043a Zone.Identifier \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u0437 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0430\u0440\u0445\u0438\u0432\u043e\u0432 (\u0435\u0441\u043b\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0430\u0440\u0445\u0438\u0432\u0430 \u0435\u0441\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 \u0430\u0440\u0445\u0438\u0432).\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432 \u0432\u0438\u0434\u0443 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0443 7-Zip \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043c\u043d\u043e\u0433\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, 
\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044f \u0441\u0432\u043e\u0438 \u0445\u043e\u0441\u0442\u044b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c 7-Zip \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u043d\u0435 \u0440\u0430\u0437 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 CVE-2024-38213 \u0438 CVE-2024-21412.", "creation_timestamp": "2025-01-21T19:04:29.000000Z"}, {"uuid": "6f7a9724-a5e5-4b55-be85-b838e612b317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/true_secator/5416", "content": "\u034f\u0424\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 
\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 73 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 5 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 2 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 0-day, \u0430 \u0442\u0430\u043a\u0436\u0435 6 - Microsoft Edge \u0438 1 - Mariner.\n\n\u0415\u0441\u043b\u0438 \u043f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c, \u0442\u043e 16 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 30 - RCE, 5 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 9 - DoS \u0438 10 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041f\u043e\u043b\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 - \u0437\u0434\u0435\u0441\u044c.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 0-day \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u042d\u0440\u0438\u043a\u043e\u043c \u041b\u043e\u0443\u0440\u0435\u043d\u0441\u0435\u043c\u00a0\u0438\u0437 Microsoft 
\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-21351, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows SmartScreen.\n\n\u0410\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0435\u0433\u043e, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 SmartScreen.\n\n\u041a\u0430\u043a \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0438 \u043a\u0430\u043a\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0435\u0435, Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442.\n\n\u0412\u0442\u043e\u0440\u0430\u044f 
CVE-2024-21412\u00a0\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Mark of the Web (MoTW) \u0432 Windows, \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Windows Server 2019, Server 2022, Windows 10 \u0438 11.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e: Zero Day Initiative Trend Micro, Aura Information Security \u0438 \u0433\u0440\u0443\u043f\u043f\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google.\n\n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 Trend Micro, CVE-2024-21412 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 APT-\u0433\u0440\u0443\u043f\u043f\u043e\u0439 DarkCasino (Water Hydra), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 
\u0442\u0440\u0435\u0439\u0434\u0435\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e DarkMe \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0433\u0440\u0430\u0444\u0438\u043a \u0430\u043a\u0446\u0438\u0439, \u0441\u0441\u044b\u043b\u0430\u044e\u0449\u0438\u0439\u0441\u044f \u043d\u0430 \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0439 \u0442\u0440\u0435\u0439\u0434\u0435\u0440\u0441\u043a\u0438\u0439 \u0441\u0430\u0439\u0442 (fxbulls[.]ru), \u0432\u044b\u0434\u0430\u044e\u0449\u0438\u0439 \u0441\u0435\u0431\u044f \u0437\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 \u0444\u043e\u0440\u0435\u043a\u0441-\u0431\u0440\u043e\u043a\u0435\u0440\u0430 (fxbulls[.]com).\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0430\u043f\u0430\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0438 \u0446\u0435\u043b\u044c \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f ransomware.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a 
\u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IoC) \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 DarkMe \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u00a0\u0437\u0434\u0435\u0441\u044c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0435 \u0437\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 Trend Micro \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e CVE-2024-21412 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 0-day \u0432 Defender SmartScreen (CVE-2023-36025), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043f\u043e\u043a\u0430 DarkCasino \u043e\u0440\u0443\u0434\u0443\u0435\u0442 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u0440\u0438\u0432\u043e\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0430\u0442\u0447 \u043e\u0442 Microsoft \ud83d\udc47", "creation_timestamp": "2024-08-06T17:54:30.000000Z"}, {"uuid": 
"bdd96d0c-8e2a-44d6-9b6c-5d2650d5e8f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "Telegram/wOx52InppAheWAdYapIkJRtMuBJnEBBfPwye5xB8iOmtoO8", "content": "", "creation_timestamp": "2024-03-10T13:12:47.000000Z"}, {"uuid": "e43177b1-87ba-47fa-81a7-80989844344e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/true_secator/6017", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Fortinet FortiGuard Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u0418\u0441\u043f\u0430\u043d\u0438\u044e, \u0422\u0430\u0438\u043b\u0430\u043d\u0434 \u0438 \u0421\u0428\u0410 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-21412 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,1).\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Defender SmartScreen \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u043f\u043e \u043a\u0440\u0430\u0436\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a ACR 
Stealer, Lumma \u0438 Meduza.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438\u00a0\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442\u00a0\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 SmartScreen \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\nMicrosoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u0432\u043e\u0438\u0445 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u044e\u0442 \u0436\u0435\u0440\u0442\u0432\u0443, \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0435\u0435 \u043f\u0440\u043e\u0439\u0442\u0438 \u043f\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435 \u043d\u0430 URL-\u0444\u0430\u0439\u043b, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 
LNK-\u0444\u0430\u0439\u043b\u0430.\n\n\u0417\u0430\u0442\u0435\u043c LNK-\u0444\u0430\u0439\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 (HTML-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f).\n\n\u0424\u0430\u0439\u043b HTA \u0441\u043b\u0443\u0436\u0438\u0442 \u043a\u0430\u043d\u0430\u043b\u043e\u043c \u0434\u043b\u044f \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u043a\u043e\u0434\u0430 PowerShell, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0433\u043e \u0437\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e PDF-\u0444\u0430\u0439\u043b\u0430 \u0438 \u0438\u043d\u0436\u0435\u043a\u0442\u043e\u0440\u0430 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u0430.\n\n\u041e\u043d, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e Meduza Stealer \u0438\u043b\u0438\u00a0Hijack Loader, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 ACR Stealer \u0438\u043b\u0438 Lumma.\n\nACR Stealer, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0439\u0441\u044f \u0443\u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 GrMsk Stealer, \u0431\u044b\u043b 
\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 \u043a\u043e\u043d\u0446\u0435 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u043f\u043e\u0434 \u043d\u0438\u043a\u043e\u043c SheldIO \u043d\u0430 \u0444\u043e\u0440\u0443\u043c\u0435 RAMP.\n\n\u041f\u043e\u0445\u0438\u0442\u0438\u0442\u0435\u043b\u044c ACR \u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u043e\u044e C2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u0430\u0439\u043d\u0438\u043a\u043e\u0432 (DDR) \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 Steam \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043a\u0440\u0430\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438\u0437 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432, \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u043e\u0432, FTP-\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, VPN-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0438 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432 \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u00a0\u0426\u0435\u043d\u0442\u0440\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 AhnLab (ASEC),\u00a0\u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 Lumma Stealer \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0442\u0443 \u0436\u0435 
\u0442\u0435\u0445\u043d\u0438\u043a\u0443, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432 \u043b\u044e\u0431\u043e\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u043e\u043c\u0435\u043d\u044b C2 \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.", "creation_timestamp": "2024-07-24T19:30:06.000000Z"}, {"uuid": "c3154df4-c4be-45bf-856f-91b74ae93fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/ctinow/220788", "content": "Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers\nhttps://ift.tt/jlnfXPW", "creation_timestamp": "2024-07-25T12:54:23.000000Z"}, {"uuid": "e1babf2b-f63b-41a3-9910-39fc4b7103c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/185345", "content": "https://ift.tt/OT1S94x\nCVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day - Trend Micro", "creation_timestamp": "2024-02-15T08:46:46.000000Z"}, {"uuid": "3ec5588e-84c9-4c9a-ac0d-e8c7d3552eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/207282", "content": "https://ift.tt/Jh3FzPk\nCVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign", "creation_timestamp": 
"2024-03-13T23:16:07.000000Z"}, {"uuid": "30378236-d0fd-45d1-8db4-ccdf1155c437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/207321", "content": "https://ift.tt/Jh3FzPk\nCVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign", "creation_timestamp": "2024-03-14T00:11:18.000000Z"}, {"uuid": "5a82c871-3b7f-4795-bf92-091186dcee99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/206466", "content": "https://ift.tt/Jh3FzPk\nCVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign - Trend Micro", "creation_timestamp": "2024-03-13T08:56:56.000000Z"}, {"uuid": "12e75d83-f893-447c-b4af-8f7f6ca41c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/thehackernews/5301", "content": "\ud83d\udea8 A significant security flaw in Microsoft Defender SmartScreen was exploited to deliver info-stealers like ACR Stealer, Lumma, and Meduza. \n \nCVE-2024-21412, rated 8.1 on the CVSS, allowed attackers to bypass protections. 
\n \nLearn more: https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html", "creation_timestamp": "2024-07-24T08:21:21.000000Z"}, {"uuid": "e643e493-bcf6-4c1d-9f8b-a92f05786543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184621", "content": "https://ift.tt/7cqYNzM\nCVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day", "creation_timestamp": "2024-02-14T13:31:40.000000Z"}, {"uuid": "f603c3f7-2ff8-4906-8607-5611a8320613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/theninjaway1337/1443", "content": "New DarkGate Malware Campaign Exploits 0-day CVE-2024-21412 Flaw\n\nRecently, researchers at the Zero Day Initiative (ZDI) have\u00a0dissected\u00a0a complex DarkGate\u00a0malware campaign targeting users through a\u00a0zero-day flaw\u00a0in Microsoft Windows SmartScreen (CVE-2024-21412). 
The attackers, associated with the notorious DarkGate group, are meticulously weaponizing trusted technologies and exploiting human vulnerabilities to spread their malicious payload.\n\nhttps://securityonline.info/new-darkgate-malware-campaign-exploits-0-day-cve-2024-21412-flaw/", "creation_timestamp": "2024-03-14T20:26:13.000000Z"}, {"uuid": "1ad32c57-f74e-4e80-b104-22aafc711aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/information_security_channel/51538", "content": "Windows Zero-Day Exploited in Attacks on Financial Market Traders\nhttps://www.securityweek.com/windows-zero-day-exploited-in-attacks-on-financial-market-traders/\n\nCVE-2024-21412, one of the security bypass zero-days fixed by Microsoft with Patch Tuesday updates, exploited by Water Hydra (DarkCasino).\nThe post Windows Zero-Day Exploited in Attacks on Financial Market Traders (https://www.securityweek.com/windows-zero-day-exploited-in-attacks-on-financial-market-traders/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-02-14T13:28:11.000000Z"}, {"uuid": "ac259445-c449-48b3-88ae-bd2352acec95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/thehackernews/4679", "content": "\ud83d\uded1 A new DarkGate malware campaign uses a recently patched #Microsoft Windows flaw (CVE-2024-21412) to deploy malicious software via bogus installers. 
\n \nLearn more: https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html", "creation_timestamp": "2024-03-14T06:02:06.000000Z"}, {"uuid": "7bfb7fea-4941-44ed-a4d2-ed3ad91ca77b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184192", "content": "https://ift.tt/3NEKsjC\nMicrosoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351) - Help Net Security", "creation_timestamp": "2024-02-13T21:11:25.000000Z"}, {"uuid": "7b13e53b-4c1a-4017-b0a8-b3a28ee8bd5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184061", "content": "https://ift.tt/IAadxZq\nCVE-2024-21412 Exploitation", "creation_timestamp": "2024-02-13T19:17:24.000000Z"}, {"uuid": "07660fbc-12e1-4cea-8599-c1967b3f85be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184248", "content": "https://ift.tt/3NEKsjC\nMicrosoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)", "creation_timestamp": "2024-02-13T21:46:53.000000Z"}, {"uuid": "216b425b-8fcf-4b46-9826-707de7f7b6a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184212", "content": "https://ift.tt/DyoaZd3\nSmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes", "creation_timestamp": "2024-02-13T21:17:04.000000Z"}, {"uuid": "b6363b5a-d2ad-4eb8-b6d3-76a62440c49b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184211", "content": "https://ift.tt/7cqYNzM\nCVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day", "creation_timestamp": "2024-02-13T21:17:03.000000Z"}, {"uuid": "86f1bef3-4b14-4ea7-b4bd-574f265d6e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184173", "content": "https://ift.tt/DyoaZd3\nSmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes", "creation_timestamp": "2024-02-13T20:41:43.000000Z"}, {"uuid": "9325b110-60e4-43d1-b8d2-f2b88c055056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184172", "content": "https://ift.tt/7cqYNzM\nCVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day", "creation_timestamp": "2024-02-13T20:41:42.000000Z"}, {"uuid": "4fc701f2-d6c1-40f6-82c9-2de58ea75dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "seen", "source": "https://t.me/ctinow/184169", "content": "https://ift.tt/UlM9BHf\nCVE-2024-21412 | Microsoft Windows up to Server 2022 23H2 Internet Shortcut File Remote Code Execution", "creation_timestamp": "2024-02-13T20:37:03.000000Z"}, {"uuid": "8904c681-6fcf-49ea-8d88-323e260c2d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "exploited", "source": "https://t.me/xakep_ru/15386", "content": "Microsoft \u043f\u0430\u0442\u0447\u0438\u0442 \u0434\u0432\u0435 0-day \u0432 
\u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445\n\n\u0424\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 73 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0435\u0441\u044f \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f. \u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-21412 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a-\u0433\u0440\u0443\u043f\u043f\u043e\u0439 DarkCasino (\u043e\u043d\u0430 \u0436\u0435 Water Hydra) \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0445 \u0442\u0440\u0435\u0439\u0434\u0435\u0440\u043e\u0432.\n\nhttps://xakep.ru/2024/02/14/february-patches-2024/", "creation_timestamp": "2024-02-14T09:35:28.000000Z"}, {"uuid": "7466bb95-001d-4a6e-a3b4-5137c01e9b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21412", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9979", "content": "#Malware_analysis\nWater Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day (CVE-2024-21412)\nhttps://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html", "creation_timestamp": "2024-02-15T11:02:09.000000Z"}]}