all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

Add to bookmarks
Oct. 19, 2023, 4:02 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations.
The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The shortcoming has been actively

arbitrary code attackers back china code cve cve-2023-38831 cvss exploiting flaw google google tag operations question russia score security security flaw state tag threat threat actors tool vulnerability windows winrar winrar flaw

Visit resource

More from thehackernews.com / The Hacker News

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability an hour ago | thehackernews.com
account account takeover agency catalog +28
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials 2 hours ago | thehackernews.com
authentication called cloud connections +24
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds 17 hours ago | thehackernews.com
analysis bitcoin blockchain clusters +19
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers 18 hours ago | thehackernews.com
android android devices android malware binary +21
Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success 20 hours ago | thehackernews.com
course cybersecurity decision employees +8
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan 21 hours ago | thehackernews.com
analysis anti-analysis authors banking +14
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia 1 day, 1 hour ago | thehackernews.com
agency classified defense documents +17
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 1 day, 18 hours ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 1 day, 21 hours ago | thehackernews.com
address ai risks ai security artificial +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs