all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

State Actors Targeting WinRAR Flaw in Multiple Campaigns

Add to bookmarks
Oct. 18, 2023, 3:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Several APT groups, including two highly capable and active Russian teams, are running campaigns to target a known vulnerability in the popular WinRAR archive utility and deliver a variety of commodity and custom malware and backdoors.


The attackers are going after CVE-2023-38831, a bug in many versions of the WinRAR utility that can lead to arbitrary code execution. The WinRAR team released a patch for the flaw in August, but cybercrime groups had been exploiting it since at least April, …

apt apt groups archive attackers backdoors bug campaigns cve cve-2023-38831 flaw known vulnerability malware popular running russian state target targeting teams utility vulnerability winrar winrar flaw

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

You get a passkey, you get a passkey, everyone should get a passkey 2 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 2 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 3 hours ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 3 hours ago | malware.news
article can code coding +13
Proposed Bill Focuses on Voluntary AI Security Incident Reporting 3 hours ago | malware.news
ai security bill companies cybersecurity +21
The impact of automating open source dependency management 4 hours ago | malware.news
article business consuming customer +12
Diffusione di malware Keylogger tramite falsa pagina di Agenzia delle Entrate – PuntoFisco 5 hours ago | malware.news
agenzia delle entrate article cert con +5
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 6 hours ago | malware.news
article cloud collaboration customers +13
Mounting global ransomware attacks significantly impact US 7 hours ago | malware.news
article attacks avril haines director +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs