Search results for hydra link | Breaking Cybersecurity News | The Hacker News

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called  Water Hydra  (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet Shortcut Files (.URL).  "In this attack chain, the threat actor leveraged CVE-2024-21412 to bypass Microsoft Defender SmartScreen and infect victims with the DarkMe malware," the cybersecurity firm  said  in a Tuesday report. Microsoft, which  addressed  the flaw in its February Patch Tuesday update, said an unauthenticated attacker could exploit the flaw by sending the targeted user a specially crafted file in order to bypass displayed security checks. However, successful exploitation banks on the prerequisite that the threat actor convinces the victim to click o...

A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week. "The first campaign on June 24, 2024 used an Office document, while the second campaign contained a link," the company noted . "Both campaigns invited the victim to install a Skype for Business package from a link of an Italian government-like domain to convey a variant of 9002 RAT." APT17 was first documented by Google-owned Mandiant (then FireEye) in 2013 as part of cyber espionage operations called DeputyDog and Ephemeral Hydra that leveraged zero-day flaws in Microsoft's Internet Explorer to breach targets of interest. It's also known by the monikers Aurora Panda, Bronze Keystone, Dogfish, Elderwood, Helium, Hidden Lynx, and TEMP.Avenge...

Microsoft has released patches to address  73 security flaws  spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to  24 flaws  that have been fixed in the Chromium-based Edge browser since the release of the January 2024 Patch Tuesday updates . The two flaws that are listed as under active attack at the time of release are below - CVE-2024-21351  (CVSS score: 7.6) - Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-21412  (CVSS score: 8.1) - Internet Shortcut Files Security Feature Bypass Vulnerability "The vulnerability allows a malicious actor to inject code into  SmartScreen  and potentially gain code execution, which could potentially lead to some data exposure, lack of system availabilit...

A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. "During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass CVE-2024-21412 that led to malicious Microsoft (.MSI) installers," Trend Micro  said . CVE-2024-21412 (CVSS score: 8.1) concerns an internet shortcut files security feature bypass vulnerability that permits an unauthenticated attacker to circumvent SmartScreen protections by tricking a victim into clicking on a specially crafted file. It was  fixed  by Microsoft as part of its Patch Tuesday updates for February 2024, but not before it was weaponized by a threat actor called  Water Hydra  (aka DarkCasino) to deliver the DarkMe malware in attacks targeting financial instituti...

Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad . The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad  will be introduced at the RSA security conference in San Francisco next week and Pwnie Express is also releasing the Pwn Pad source code. This will allow hackers to download the software and get it up and running on other types of Android phones and tablets. " Every pen tester we know has a phone and a tablet and a laptop, but none of them has been able to do pen-testing from the tablet ," says Dave Porcello, Pwnie Express's CEO said to  wired . Most interesting part is that, first time the most popular wireless hacking tools like Aircrack-ng and Kismet introduced on an Android device.  The complete list of the tool available  in this...

An international law enforcement operation involving 11 countries has culminated in the takedown of a notorious mobile malware threat called  FluBot . "This Android malware has been spreading aggressively through SMS, stealing passwords, online banking details and other sensitive information from infected smartphones across the world," Europol  said  in a statement. The "complex investigation" included authorities from Australia, Belgium, Finland, Hungary, Ireland, Romania, Spain, Sweden, Switzerland, the Netherlands, and the U.S. FluBot , also called Cabassous, emerged in the wild in December 2020, masking its insidious intent behind the veneer of seemingly innocuous package tracking applications such as FedEx, DHL, and Correos.  It primarily spreads via smishing (aka SMS-based phishing) messages that trick unsuspecting recipients into clicking on a link to download the malware-laced apps. Once launched, the app would proceed to request access to Android...