#VoidBanshee

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer

by

July 16, 2024 at 12:09PM Void Banshee, an APT actor, used the CVE-2024-38112 Windows zero-day to exploit the disabled Internet Explorer and deliver the Atlantida stealer malware. By crafting URLs in internet shortcut files, the APT leveraged the MHTML protocol handler and x-usc directive to execute code via the disabled IE, posing a significant threat … Read more

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

by

July 15, 2024 at 10:55AM CVE-2024-38112, exploited by APT group Void Banshee, allowed them to use a zero-day to access and execute files via the disabled Internet Explorer using MSHTML. The vulnerability was promptly reported to Microsoft and patched. Void Banshee lured victims using zip archives with malicious files disguised as PDFs, targeting North America, … Read more