Attacks exploiting WinRAR vulnerability tied to Ukraine

29 March 2024

Several Russian companies have been subjected to intrusions exploiting the already-patched WinRAR vulnerability, tracked as CVE-2023-38831, by the PhantomCore cyberespionage operation, which has been linked to Ukraine, reports The Record, a news site by cybersecurity firm Recorded Future. Attacks commenced with the distribution of phishing emails with a contract-spoofing PDF document and a password-protected RAR archive, which when executed delivers the PhantomRAT remote access malware that allows data exfiltration, a report from Russian Group-IB spinoff F.A.C.C.T revealed.

Source: SC Magazine

Date:

29 March 2024

Categorie(s):

NEWS

Tag(s):

Attacks, IT, Network Security, Ukraine, WinRAR

How To Properly Secure SAP Fiori 12 May 2024
Hackers Moving To AI But Lacking Behind The Defenders In Adoption Rates12 May 2024
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast12 May 2024
Critical infrastructure security will stay poor unless everyone pulls together11 May 2024
RSA Conference 2024 goes beyond AI-powered security to securing AI itself11 May 2024