Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books. [TechWeb]( Follow Dark Reading: [RSS]( July 17, 2024 LATEST SECURITY NEWS & COMMENTARY [Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks]( The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books. [Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes]( Russian threat actor FIN17 has shifted gears multiple times in recent years, focusing now on helping ransomware groups be even more covertly effective. [Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills]( SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting. [Microsoft: Scattered Spider Widens Web With RansomHub & Qilin]( The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue. [IDF Has Rebuffed 3B Cyberattacks Since Oct. 7, Colonel Claims]( Israel's military computer systems have been under constant barrage in recent months. [Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks]( The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity. [Name That Toon: Near Miss]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [The Need to Recruit Cyber Talent in the Government]( Bad actors are launching unprecedented waves of attacks against government agencies — and the federal government is woefully underprepared. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers]( In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested. [7 Tips for Navigating Cybersecurity Risks in M&As]( Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition. [SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods]( The cybercrime group demands ransoms of varying degrees, from thousands to even millions of dollars — in some cases, 2 bitcoin per encrypted customer. [GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln]( The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago. [MORE]( PRODUCTS & RELEASES [BlueVoyant Unveils Edge Security Operations Platform]( [Secureworks Elevates State of Cybersecurity for Mid-Market Customers With Managed Detection and Response Offering]( [The Linux Foundation and OpenSSF Release Report on the State of Education in Secure Software Development]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE ['Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats]( Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors? LATEST FROM THE EDGE [Defending OT Requires Agility, Proactive Controls]( As attackers set their sights on infrastructure, security teams need to reduce risk levels without compromising operational agility. LATEST FROM DR TECHNOLOGY [AI Consortium Plans Toolkit to Rate AI Model Safety]( An AI consortium consisting of top tech companies will release a toolkit later this year for measuring the safety of generative AI models. LATEST FROM DR GLOBAL [Singapore Banks Ditch One-Time Passwords]( Retail banks in the nation-state will eliminate the use of one-time passwords (OTPs) by bank customers in an effort to thwart phishing. WEBINARS - [The CIOs Guide to Enhancing GRC in 2024]( When structured correctly, Governance, Risk, and Compliance (GRC) can enable enterprises to align IT and business goals, while mitigating risks and abiding by industry and government requirements. Effectively manage your resources and unify your enterprise by utilizing emerging technology that ... - [Generative AI: Use Cases and Risks in 2024]( This webinar reviews use cases and risks in the leading generative AI applications and models, including market favorites ChatGPT, DALL-E 2, and AutoGPT. [View More Dark Reading Webinars >>]( WHITE PAPERS - [Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks]( - [State of Enterprise Cloud Security]( - [Google Cloud Threat Horizons Report, H1 2024]( - [Google Threat Intelligence]( - [A Year in Review of Zero-Days Exploited In-the-Wild in 2023]( - [2024 InformationWeek US IT Salary Report]( - [Generative AI Gifts]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124609&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.17.24&sp_cid=54317&utm_content=DR_NL_Dark%20Reading%20Daily_07.17.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#f4 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)