Category Archives: WinRAR

WinRAR Patches Flaw That Lets Attackers Run Malicious Code When Opening RAR Files

Posted on by

Key takeaways: RARLAB has released a crucial update aimed at addressing a high-severity security loophole within its popular WinRAR compression and archiving tool. This flaw enables threat actors to execute arbitrary code upon the launch of a RAR file, thus raising significant concerns about user data safety and system integrity. The WinRAR vulnerability, tracked as…

The post WinRAR Patches Flaw That Lets Attackers Run Malicious Code When Opening RAR Files appeared first on Petri IT Knowledgebase.

Continue reading WinRAR Patches Flaw That Lets Attackers Run Malicious Code When Opening RAR Files

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

Posted on by

RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP,… Continue reading WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

UAC-0099 Hackers Using Old WinRAR Flaw in New Cyberattack on Ukraine

Posted on by

By Waqas
UAC-0099 is a pro-Russian hacking group that has been targeting Ukraine since the conflict between the two countries began.
This is a post from HackRead.com Read the original post: UAC-0099 Hackers Using Old WinRAR Flaw in New Cyberattack on U… Continue reading UAC-0099 Hackers Using Old WinRAR Flaw in New Cyberattack on Ukraine

Attackers bypass Microsoft security patch to drop Formbook malware

Posted on by

By Waqas
The patch was issued to prevent the execution of code that downloaded the Microsoft Cabinet archive containing a malicious executable.
This is a post from HackRead.com Read the original post: Attackers bypass Microsoft security patch to drop F… Continue reading Attackers bypass Microsoft security patch to drop Formbook malware

WinRAR vulnerability allowed attackers to remotely hijack systems

Posted on by

By Deeba Ahmed
The vulnerability in WinRAR trialware could be abused by a remote attacker for executing arbitrary code on any system thus, getting an opportunity to launch a range of attacks.
This is a post from HackRead.com Read the original post: Win… Continue reading WinRAR vulnerability allowed attackers to remotely hijack systems

‘StrongPity’ hacking group does just enough to get around defenses

Posted on by

Rather than expend resources on creating fancy new tools, malicious hackers often do the bare minimum needed to breach their targets. That means that when researchers expose their malware, the groups tend to only slightly modify their code to keep it effective. The latest activity from an advanced persistent threat known as StrongPity is a prime example. After having its actions called out last year, StrongPity has come up with new malware samples it is using in a month-long, ongoing campaign against users in Turkey, according to research published Wednesday by AT&T Alien Labs. Although the code has been altered, the general attack method remains the same: go after users who download router management software to infect target organizations, and use the popular file archiver WinRAR for delivery. The spyware delivered to the organizations, which is also called StrongPity, hunts for documents on an infected network and lingers on, retaining […]

The post ‘StrongPity’ hacking group does just enough to get around defenses appeared first on CyberScoop.

Continue reading ‘StrongPity’ hacking group does just enough to get around defenses