Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.5 views

PT-2024-2715

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to April 2024 Patch Tuesday Description This issue is a security feature bypass vulnerability affecting the SmartScreen Prompt Security Feature in Microsoft Windows. The vulnerability allows attackers to bypass...

10CVSS7.3AI score0.95443EPSS
Exploits2References76
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/03/13 12:0 a.m.95 views

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative ZDI observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412...

8.1CVSS7.1AI score0.95443EPSS
Exploits2
hivepro
hivepro
added 2024/02/20 11:51 a.m.43 views

Attacks, Vulnerabilities and Actors 12 to 18 February 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, five vulnerabilities were uncovered, and three active adversaries we...

5.8CVSS7.5AI score0.95443EPSS
Exploits2
hivepro
hivepro
added 2024/02/19 5:35 a.m.44 views

Water Hydra Exploits CVE-2024-21412 to Target Financial Traders

Summary: Water Hydra exploited CVE-2024-21412 to bypass Microsoft Defender SmartScreen, targeting financial traders with DarkMe malware through sophisticated spearphishing tactics. This underscores the persistent threat of APT groups and highlights the challenge of defending against evolving atta...

5.8CVSS7AI score0.95443EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/02/15 5:19 a.m.153 views

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 CVSS score: 9.8, the issue has been...

9.8CVSS9.5AI score0.95443EPSS
Exploits25
The Hacker News
The Hacker News
added 2024/02/14 7:33 a.m.69 views

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra aka DarkCasino targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails...

8.1CVSS8.2AI score0.95443EPSS
Exploits2
Krebs on Security
Krebs on Security
added 2024/02/13 10:28 p.m.63 views

Fat Patch Tuesday, February 2024 Edition

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a...

7.5CVSS8.2AI score0.97408EPSS
Exploits45
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/02/13 12:0 a.m.45 views

CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative...

8.1CVSS9.6AI score0.95443EPSS
Exploits2
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/02/13 12:0 a.m.56 views

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day...

5.8CVSS8.5AI score0.95443EPSS
Exploits2
Rows per page
Query Builder