Teacher
Professional
- Messages
- 2,669
- Reaction score
- 819
- Points
- 113
How to master stock trading without losing your last savings?
As part of the regular security update Patch Tuesday, which we already wrote about earlier , Microsoft fixed a vulnerability in SmartScreen, which is actively used by hackers to distribute the DarkMe remote access Trojan. In this news, we will look at this breach in more detail.
The zero-day vulnerability CVE-2024-21412 (CVSS: 8.1) was discovered on New Year's Eve, when researchers from Trend Micro noticed real exploitation by the financially motivated hacker group Water Hydra (aka DarkCasino).
Microsoft itself describes the vulnerability as the ability of an unauthenticated attacker to send specially crafted files to their victims that bypass standard security checks.
For a successful attack, the attacker needs to convince the user to click on the file link, since without this, the infection process will not start. Social engineering is usually used here.
Trend Micro security researcher Peter Girnus, who reported CVE-2024-21412, pointed out in his technical report that it allows you to bypass the fix of another SmartScreen vulnerability-CVE-2023-36025 (CVSS: 8.8), which was fixed in November 2023.
Foreign exchange market traders were targeted in attacks that exploit this vulnerability. According to Trend Micro, the attackers targeted data theft or the deployment of ransomware.
The attacks were organized mainly through exchange trading forums and Telegram-themed channels, where a malicious link masquerading as a legitimate site for traders was distributed.
The cybercriminals tactics included posting messages in different languages with requests or offers to help with stock trading, as well as distributing fake tools and charts for technical analysis. The final goal of the scammers was to persuade traders to install the malicious DarkMe software by any means necessary.
Previously, the Water Hydra group has already exploited zero-day vulnerabilities, including a critical flaw in the WinRAR software that affected more than 500 million users.
All these attacks highlight the importance of constantly updating the software to quickly eliminate vulnerabilities, as well as awareness of existing threats in the field of cybersecurity. This is the only way to effectively protect yourself from hackers and avoid becoming a victim of financial fraud.
As part of the regular security update Patch Tuesday, which we already wrote about earlier , Microsoft fixed a vulnerability in SmartScreen, which is actively used by hackers to distribute the DarkMe remote access Trojan. In this news, we will look at this breach in more detail.
The zero-day vulnerability CVE-2024-21412 (CVSS: 8.1) was discovered on New Year's Eve, when researchers from Trend Micro noticed real exploitation by the financially motivated hacker group Water Hydra (aka DarkCasino).
Microsoft itself describes the vulnerability as the ability of an unauthenticated attacker to send specially crafted files to their victims that bypass standard security checks.
For a successful attack, the attacker needs to convince the user to click on the file link, since without this, the infection process will not start. Social engineering is usually used here.
Trend Micro security researcher Peter Girnus, who reported CVE-2024-21412, pointed out in his technical report that it allows you to bypass the fix of another SmartScreen vulnerability-CVE-2023-36025 (CVSS: 8.8), which was fixed in November 2023.
Foreign exchange market traders were targeted in attacks that exploit this vulnerability. According to Trend Micro, the attackers targeted data theft or the deployment of ransomware.
The attacks were organized mainly through exchange trading forums and Telegram-themed channels, where a malicious link masquerading as a legitimate site for traders was distributed.
The cybercriminals tactics included posting messages in different languages with requests or offers to help with stock trading, as well as distributing fake tools and charts for technical analysis. The final goal of the scammers was to persuade traders to install the malicious DarkMe software by any means necessary.
Previously, the Water Hydra group has already exploited zero-day vulnerabilities, including a critical flaw in the WinRAR software that affected more than 500 million users.
All these attacks highlight the importance of constantly updating the software to quickly eliminate vulnerabilities, as well as awareness of existing threats in the field of cybersecurity. This is the only way to effectively protect yourself from hackers and avoid becoming a victim of financial fraud.
