Windows vulnerability abused braille “spaces” in zero-day attacks

September 15, 2024 at 02:18PM The “Windows MSHTML spoofing vulnerability” (CVE-2024-43461) was exploited by the Void Banshee APT hacking group, leading to it being reclassified as previously exploited. Based on the meeting notes, it appears that the “Windows MSHTML spoofing vulnerability” tracked under CVE-2024-43461 was recently fixed but has now been marked as previously exploited … Read more

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer

July 16, 2024 at 12:09PM Void Banshee, an APT actor, used the CVE-2024-38112 Windows zero-day to exploit the disabled Internet Explorer and deliver the Atlantida stealer malware. By crafting URLs in internet shortcut files, the APT leveraged the MHTML protocol handler and x-usc directive to execute code via the disabled IE, posing a significant threat … Read more

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

July 15, 2024 at 10:55AM CVE-2024-38112, exploited by APT group Void Banshee, allowed them to use a zero-day to access and execute files via the disabled Internet Explorer using MSHTML. The vulnerability was promptly reported to Microsoft and patched. Void Banshee lured victims using zip archives with malicious files disguised as PDFs, targeting North America, … Read more