Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.
The post Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw appeared first on SecurityWeek.
Continue reading Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

State-sponsored APTs are leveraging WinRAR bug

A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 has been patched in August 2023, along with another high-severity RCE v… Continue reading State-sponsored APTs are leveraging WinRAR bug

Russian hackers offered phony drone training to exploit WinRAR vulnerability

Despite an August patch, Russian and Chinese state-backed hackers are using a vulnerability in the popular software to carry out espionage.

The post Russian hackers offered phony drone training to exploit WinRAR vulnerability appeared first on CyberScoop.

Continue reading Russian hackers offered phony drone training to exploit WinRAR vulnerability

Fake PoC Script Used to Trick Researchers into Downloading VenomRAT

By Waqas
New Malware Campaign Targets CVE-2023-40477 Vulnerability in WinRAR – Researchers Advise Users to Update WinRAR and Be Cautious of Clicking on Links.
This is a post from HackRead.com Read the original post: Fake PoC Script Used to Trick Resear… Continue reading Fake PoC Script Used to Trick Researchers into Downloading VenomRAT

WinRAR users update your software as 0-day vulnerability is found

By Habiba Rashid
The 0-day vulnerability in WinRAR, which has been exploited, is targeting traders and has successfully stolen funds from 130 victims so far.
This is a post from HackRead.com Read the original post: WinRAR users update your software as … Continue reading WinRAR users update your software as 0-day vulnerability is found

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day 

A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.
The post Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day  appeared first on SecurityWeek.
Continue reading Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day 

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since Ap… Continue reading Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)