The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.

Trend Micro Blog offers insights, analysis, and updates on cybersecurity threats, trends, and best practices. Covering topics such as malware analysis, threat intelligence, and cybersecurity risk management, Trend Micro Blog provides resources for IT security professionals, helping them stay ahead of emerging threats and protect their organizations from cyber attacks.

Trend Micro

Water Hydra is targeting financial market traders with a zero-day exploit (CVE-2024-21412) in Microsoft Defender SmartScreen. The vulnerability has been patched by Microsoft. Water Hydra is an APT group known for its attacks on the financial industry. They have previously exploited another vulnerability (CVE-2023-38831) before it was disclosed. The article also provides information on Water Hydra's attack chain and the DarkMe malware.

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day