Tag

Cve 2024 38112

All articles tagged with #cve 2024 38112

data-security-vulnerability1 year ago•3 min saved

"Void Banshee Exploits Microsoft Zero-Day to Spread Malware"

The APT group Void Banshee is exploiting a zero-day vulnerability in Microsoft's MHTML browser engine (CVE-2024-38112) to spread the Atlantida information stealer. This flaw, addressed in Microsoft's recent Patch Tuesday, is used in multi-stage attacks involving spear-phishing emails and malicious URL files. The campaign highlights the rapid exploitation of disclosed vulnerabilities and the ongoing threat posed by advanced cyber actors.

via The Hacker News|

#atlantida-stealer #cve-2024-38112 #cybersecurity

exploits-and-vulnerabilities1 year ago•16 min saved

"Void Banshee Exploits Zombie Internet Explorer in Zero-Day Windows Attacks"

The APT group Void Banshee exploited the zero-day vulnerability CVE-2024-38112 to execute files through the disabled Internet Explorer using MSHTML, targeting Windows users in North America, Europe, and Southeast Asia. This vulnerability, used to deploy the Atlantida info-stealer, was discovered and reported by Trend Micro's Zero Day Initiative and has since been patched by Microsoft. The attack highlights the risks posed by unsupported Windows components like Internet Explorer, which can still be exploited by threat actors.

via Trend Micro|

#atlantida-stealer #cve-2024-38112 #exploits-and-vulnerabilities