Security News > 2024 > October > North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
2024-10-16 10:50
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
News URL
https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html
Related news
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)
- New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-38178 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |