![]() ![]() Also fixed was CVE-2023-40477, which allowed attackers to remotely exploit code of their choosing, provided they could trick a user into "a malicious page or open a malicious file," according to Trend Micro's Zero Day Initiative, which worked with ZDI researcher "goodbyeselene" to report the flaw to RARLabs. 2 released WinRAR version 6.23 to fix multiple vulnerabilities, including the one now being targeted by government-affiliated hackers. Attackers can subvert that process so that when a user double-clicks a file to open, the user instead opens malware. The vulnerability being exploited by attackers, tracked as CVE-2023-38831, centers on how the WinRAR software processes. Nation-state groups TAG has seen exploiting the flaw include Russia's Sandworm hacking team - a GRU military intelligence unit - that has been running a phishing campaign against the Ukrainian energy sector with a bogus PDF document that purportedly contains "a drone operator training curriculum." Ukrainian energy infrastructure has been a main focus of Russian hackers (see: WinRAR Weaponized for Attacks on Ukrainian Public Sector).Īnother phishing campaign, which TAG attributed to China, targeted Papua New Guineans with links to Dropbox that led to malware. ![]() Vendor RARLabs issued a patch 11 weeks ago, but "many users still seem to be vulnerable." Google's Threat Analysis Group, which tracks nation-state hacking campaigns, said Wednesday that "in recent weeks" it has seen "government-backed hacking groups" who hail from multiple countries, including China and Russia, targeting the bug. See Also: Live Webinar | Ransomware in the Cloud: Challenges and Security Best Practices ![]() Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, security experts warn, including the Russian military in attacks against Ukraine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |