Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
APT Group Void Banshee Exploits New Microsoft Flaw: Cybersecurity Nightmare Unfolds
Void Banshee is exploiting CVE-2024-38112 in the MSHTML browser engine to deliver the Atlantida information stealer. This zero-day vulnerability, now patched by Microsoft, allows the group to bypass disabled services like Internet Explorer, posing a significant threat to organizations worldwide.
Hot Take:
Just when you thought Internet Explorer was a relic of the past, it rises from the grave to haunt us with fresh zero-day exploits! It’s the browser that just won’t die, and now it’s bringing along its new best friend, the Atlantida stealer. Who said old browsers can’t learn new tricks?
Key Points:
- Void Banshee APT group leverages CVE-2024-38112 to deliver the Atlantida information stealer.
- Trend Micro discovered this exploit is part of a multi-stage attack chain using URL files.
- The attack involves spear-phishing emails and malicious HTML Application (HTA) files.
- Atlantida targets data from browsers, Telegram, Steam, FileZilla, and cryptocurrency wallets.
- Cloudflare reports rapid exploitation of new CVEs, sometimes within 22 minutes of release.
Already a member? Log in here