Start your day with intelligence. Get The OODA Daily Pulse.
An advanced persistent threat (APT) group is exploiting an unpatched Microsoft zero-day to spread the Atlantida Stealer. In this spear-phishing campaign, the APT group is lifting system information and sensitive data including passwords and cookies. The APT is being called Void Banshee and the group is exploiting the zero-day in North America, Europe, and Southeast Asia. The bug exists in the Internet Explorer (IE) browser. However, it can still be exploited on a user’s machine even if IE is disabled or not the default browser. This attack is incredibly alarming as IE no longer receives updates or security fixes.