Security News

Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from...

An unknown threat actor has released a fake proof of concept exploit for CVE-2023-4047, a recently fixed remote code execution vulnerability in WinRAR, to spread the VenomRAT malware. The fake WinRAR PoC. On August 17, 2023, Trend Micro's Zero Day Initiative reported the RCE vulnerability that allowed threat actors to execute arbitrary code on an affected WinRAR installation.

A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware....

A hacker is spreading a fake proof-of-concept exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware. The fake PoC exploit was spotted by Palo Alto Networks' Unit 42 team of researchers, who reported that the attacker uploaded the malicious code to GitHub on August 21, 2023.

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructureNorth Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability to target internet backbone infrastructure and healthcare institutions in Europe and the US. Maintaining consistent security in diverse cloud infrastructuresIn this Help Net Security interview, Kennedy Torkura, CTO at Mitigant, discusses the complexity of maintaining clear visibility into cloud environments, why it poses such a challenge for CISOs, and how they can prepare to address potential issues. IEEE 802.11az provides security enhancements, solves longstanding problemsIn this Help Net Security interview, Jonathan Segev, IEEE 802.11 Task Group Chair of next-generation positioning at IEEE, discusses IEEE 802.11az.

A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal. The vulnerability, cataloged as CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possible to launch malicious scripts contained within an archive that masquerades as seemingly innocuous image or text files.

WinRAR could start a wrong file after a user double- clicked an item in a specially crafted archive. That's a bit like receiving an email containing a safe-looking attachment along with a risky-looking one, deciding to start by investigating only the safe-looking one, but unknowingly firing up the risky file instead. From what we can tell, and in another irony, this bug existed in WinRAR's code for unpacking ZIP files, not in the code for processing its very own RAR file format.

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR to trick traders into installing malware that would allow them to steal money from broker accounts. CVE-2023-38831 is a file extension spoofing vulnerability, which allowed attackers to create a modified RAR or ZIP archive containing harmless files and malicious ones.

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. The vulnerability has been under active exploitation since April 2023, helping distribute various malware families, including DarkMe, GuLoader, and Remcos RAT. The WinRAR zero-day vulnerability allowed the threat actors to create malicious.

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477, the vulnerability has been described as a case of improper validation while processing recovery volumes.