Trend Micro has now announced its discovery of a vulnerability in Microsoft Windows Defender that is being actively exploited by the cyber threat group Water Hydra. The vulnerability was discovered on December 31, 2023, but the official information was only published yesterday. Trend's customers have been automatically protected since January 1, 2024, but other organizations are now being asked to take immediate action in response to this vulnerability.
The vulnerability is being actively exploited by the financially motivated APT group Water Hydra to target forex traders participating in the high-stakes forex exchange. More specifically, it is used in a sophisticated zero-day attack chain to bypass Windows Defender SmartScreen. The attacks are based on infecting the victims with a DarkMe Remote Access Trojan (RAT) with the goal of data theft and the spread of ransomware.
"Zero-day vulnerabilities are an increasingly popular way for cybercriminals to achieve their goals," says Jean Diarbakerli, Security Advisor at Trend Micro Sweden. "That's why at Trend we invest heavily in data and cybersecurity posture information to ensure our customers are protected, months before official vendor patches are released. We are proud to be able to deliver a secure bridge between these and, by extension, create a digital world with fewer risks."
When a new zero-day attack is detected, Trend Micro always informs the affected vendor. Meanwhile, Trend's customers directly benefit from virtual patching to protect their systems from exploitation until an official patch can be applied.
Trend protects its customers by issuing virtual patches an average of 51 days before official patches are released, including this one for Microsoft. For other providers, the average time to protect their customers was 96 days.
According to Trend, customers who applied all virtual patches in 2023 saved an average of USD 1 million for their company.
The Trend Vision One security platform automatically identifies critical vulnerabilities and provides visibility into all affected endpoints and their potential impact on an organization's overall risk. Trend's proactive approach to risk management reduces the need for last-minute reactive actions and ensures that clients are well prepared.