Security News > 2023 > November > Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
2023-11-19 16:14
NDSC says that the Russian hackers used a Ngrok free static domain to access the command and control server hosted on their Ngrok instance.
A report from Google in October notes that the security issue was exploited by Russian and Chinese state hackers to steal credentials and other sensitive data, as well as to establish persistence on target systems.
FSB arrests Russian hackers working for Ukrainian cyber forces.
North Korean hackers exploit critical TeamCity flaw to breach networks.
Google links WinRAR exploitation to Russian, Chinese state hackers.
Russian Sandworm hackers breached 11 Ukrainian telcos since May. Fake WinRAR proof-of-concept exploit drops VenomRAT malware.
News URL
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)