An advanced persistent threat (APT) group is exploiting an unpatched Microsoft zero-day to spread the Atlantida Stealer. In this spear-phishing campaign, the APT group is lifting system information and sensitive data including passwords and cookies. The APT is being called Void Banshee and the group is exploiting the zero-day in North America, Europe, and Southeast Asia. The bug exists in the Internet Explorer (IE) browser. However, it can still be exploited on a user’s machine even if IE is disabled or not the default browser. This attack is incredibly alarming as IE no longer receives updates or security fixes. 

Read more: https://www.darkreading.com/threat-intelligence/void-banshee-apt-microsoft-zero-day-spear-phishing-attacks