motw (2)

12386296490?profile=RESIZE_400xA newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders.  Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet Shortcut Files (.URL). "In this attack chain, the threat actor leveraged CVE-2024-21412 to bypass Microsoft Def

11028928884?profile=RESIZE_400xIn early February of 2022, Microsoft announced that Internet Macros would be blocked by default to improve the security of Microsoft Office.  According to their blog published in late Feb 2023, this change began rolling out in some update channels in April 2022. Other channels followed in July and October 2022, with the final rollout in January 2023.[1]

Office uses a specific algorithm to determine whether to run macros in files from the Internet.  The process starts by checking the file attribu