Browsing tag
A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file […]
Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. “The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as […]
A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware. “The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited a SQL injection vulnerability in […]
A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal. The vulnerability, cataloged as CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possible to launch malicious scripts contained within an archive that masquerades as seemingly innocuous image […]
A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. “The issue results from the lack […]
The vulnerability in WinRAR trialware could be abused by a remote attacker for executing arbitrary code on any system thus, getting an opportunity to launch a range of attacks. According to a report from Positive Technologies, a remote code execution vulnerability was identified in a free trial version of WinRAR. The vulnerability was discovered in […]
WinRAR is a file archiving tool for handling ZIP and RAR files on computers. It is also available for several different platforms including Windows, Mac, Linux, Android and lots more. The WinRAR 64-bit and 31-bit versions offer the same features and may be installed according to your system architecture. They can compress files, thus reducing […]
Recent reports by Threat Post states that the 19-year-old vulnerability found last week in the popular windows archiving tool, WinRAR, is actively being exploited by hackers around the globe. Discovered by researchers at the 360 Threat Intelligence Center, the flaw allows attackers to make use of a path-traversal vulnerability in WinRAR and run malicious code on a […]
Researchers have detected the first malspam campaign that delivers a malicious RAR archive to infect victim’s computer exploiting the WinRAR ACE vulnerability. The 19-year-old vulnerability was disclosed by checkpoint security researchers last week, the vulnerability resides in the WinRAR UNACEV2.DLL library. This vulnerability can be exploited by an attacker with specially crafted ACE archive and […]
The popular windows file archival tool WinRAR has been in use for over two decades now. The software is used to view, create, pack and unpack archives in both ZIP and RAR formats. A recent report by The Register has revealed that the tool has a bug that has remained undetected since 2005. This vulnerability […]
Over 500 million WinRAR users could have been exposed; update your software as soon as possible A critical vulnerability in WinRAR, the most popular Windows file compression tool, was recently corrected. According to specialists in network security and ethical hacking from the International Institute of Cyber Security, the flaw would have allowed malicious users to […]
Short Bytes: The latest WinRAR SFX v5.21 update has a serious vulnerability that allows remote attackers to execute any malicious code on your system. The latest release of the WinRAR software has been discovered with a serious flaw. As you unzip the SFX archive inside the RAR file, WinRAR a widely used software used to compress […]
WinRAR, the popular file compression and decompression utility, has a security vulnerability that allows attackers to remotely execute code on the user’s computer when opening an SFX (Self-extracting archive) file. The bug was discovered by Mohammad Reza Espargham from Vulnerability Lab, and was also reproduced by Pieter Arntz from Malwarebytes. According to the vulnerability disclosure […]