Week -02-21-2024- [repack] — 0-day And Hitlist

| Tactic | Technique ID | Technique Name | Relevance |
|--------|--------------|----------------|-----------|
| Initial Access | T1566.001 | Phishing: Spearphishing Attachment | Primary vector for CVE-2024-21412, CVE-2024-21351 |
| Initial Access | T1190 | Exploit Public-Facing Application | Exploitation of Ivanti VPN (CVE-2024-21893) and ScreenConnect (CVE-2024-1709) |
| Execution | T1204.002 | Malicious File (User Execution) | Required for Microsoft zero-days |
| Privilege Escalation | T1068 | Exploitation for Privilege Escalation | CVE-2024-26169, CVE-2024-21338 |
| Defense Evasion | T1070.004 | File Deletion (Indicator Removal) | Used by Lazarus rootkit |
| Defense Evasion | T1211 | Exploitation for Defense Evasion | Kernel-level bypass via AppLocker driver |
| Persistence | T1543.003 | Windows Service (SystemBC) | Black Basta deployment |
| Command & Control | T1572 | Protocol Tunneling (DarkMe RAT) | Water Hydra campaign |

Ivanti Connect Secure (ICS) VPN versions prior to 22.5R2.2, 22.6R2.1, and 23.2R1.1

Part of Tom Taylor’s critically acclaimed run, this issue continued the evolution of Dick Grayson as the protector of Blüdhaven.

Hidden inside a counterfeit digital copy of a rare indie comic was a "white-hat" worm—a counter-exploit designed to find the 0-day fragment and neutralize it before it could reach the vault’s servers. It was a race of code against code, hidden within the very lists people used for Sunday afternoon reading.

Similar to its counterpart, this flaw requires an attacker to send a specially crafted malicious file to a user and convince them to open it. The exploit bypasses SmartScreen’s security checks, potentially leading to code execution.

Beyond superhero narratives, the independent circuit utilized the February 21, 2024 slot to drop historical milestones and brand-new creative property launches.

The most aggressive zero-day of the week landed in the feature. Tracked as CVE-2024-21412, with a CVSS score of 8.1, this vulnerability allowed attackers to bypass SmartScreen protections.

With the critical severity of the Exchange Server EoP flaw (CVE-2024-21410) and other privilege escalation vectors, ensure that your on-premises Exchange servers are patched and that NTLM credential relay protections are enabled.

DC Comics structured its February 20/21 releases around major creative teams and cross-industry blockbusters.