Archive for the ‘WinRar’ Category

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

March 28th, 2019
An Iran-linked cyber-espionage group that was found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues to target organizations in the two nations, Symantec reported on Wednesday. Widely known as APT33, which Symantec calls Elfin, the cyber-espionage group has been active since as early as late 2015 and targeted a wide

Posted in antivirus, computer virus, cyber espionage, hacking news, Malware attack, shamoon malware, WinRar, winrar exploit | Comments (0)

A rogue’s gallery of bad actors is exploiting that critical WinRAR flaw

March 27th, 2019

A critical vulnerability in the WinRAR file-compression utility is under active attack by a wide range of bad actors who are exploiting the code-execution flaw to install password stealers and other types of malicious software.

In one campaign, according to a report published by researchers from security firm FireEye, attackers are spreading files that purport to contain stolen data. One file, titled leaks copy.rar, contains email addresses and passwords that were supposedly compromised in a breach. Attackers claim another file, cc.rar, contains stolen credit card data. Other files have names including zabugor.rar, ZabugorV.rar, Combolist.rar, Nulled2019.rar, and IT.rar.

Hidden inside the files are payloads from a variety of different malware families. They include a keylogger known as QuasarRat and malware containing Chinese language text known as Buzy.


Posted in Biz & IT, exploits, malware, vulnerabilities, WinRar | Comments (0)

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

March 15th, 2019
Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, which, unfortunately, leaves millions of its users vulnerable to cyber attacks. The critical

Posted in Download Windows Update, hacking news, malware, Vulnerability, WinRar, winrar exploit | Comments (0)

Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

March 15th, 2019

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post was going live, was undetected by the vast majority of antivirus products.

The flaw, disclosed last month by Check Point Research, garnered instant mass attention because it made it possible for attackers to surreptitiously install persistent malicious applications when a target opened a compressed ZIP file using any version of WinRAR released over the past 19 years. The absolute path traversal made it possible for archive files to extract to the Windows startup folder (or any other folder of the archive creator’s choosing) without generating a warning. From there, malicious payloads would automatically be run the next time the computer rebooted.

On Thursday, a researcher at McAfee reported that the security firm identified “100 unique exploits and counting” in the first week since the vulnerability was disclosed. So far, most of the initial targets were located in the US.


Posted in Biz & IT, code execution, exploits, malware, vulnerabilities, WinRar | Comments (0)

Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers

February 26th, 2019
It's not just the critical Drupal vulnerability that is being exploited in the wild by cybercriminals to attack vulnerable websites that have not yet applied the patches already made available by its developers; hackers are also exploiting a critical WinRAR vulnerability that was revealed last week. A few days ago, The Hacker News reported about a 19-year-old remote code execution vulnerability

Posted in computer virus, file archive software, hacking news, Windows Malware, WinRar, winrar exploit | Comments (0)

Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years

February 21st, 2019
Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the

Posted in hacking news, Hacking Windows, path traversal attack, remote code execution, Vulnerability, Windows Malware, WinRar, winrar exploit | Comments (0)

Nasty code-execution bug in WinRAR threatened millions of users for 14 years

February 20th, 2019

WinRAR, a Windows file compression program with 500 million users worldwide, recently fixed a 14-year-old vulnerability that made it possible for attackers to execute malicious code when targets opened a booby-trapped file.

The vulnerability was the result of an absolute path traversal flaw that resided in UNACEV2.DLL, a third-party code library that hasn’t been updated since 2005. The traversal made it possible for archive files to extract to a folder of the archive creator’s choosing, rather than the folder chosen by the person using the program. Because the third-party library doesn’t make use of exploit mitigations such as address space layout randomization, there was little preventing exploits.

Researchers from Check Point Software, the security firm that discovered the vulnerability, initially had trouble figuring out how to exploit the vulnerability in a way that executed code of their choosing. The most obvious path—to have an executable file extracted to the Windows startup folder where it would run on the next reboot—required WinRAR to run with higher privileges or integrity levels than it gets by default.


Posted in Biz & IT, bugs, code execution, exploits, vulnerabilities, WinRar | Comments (0)

Millions of PCs Found Running Outdated Versions of Popular Software

January 24th, 2019
It is 2019, and millions of computers still either have at least one outdated application installed or run outdated operating systems, making themselves vulnerable to online threats and known security vulnerabilities/exploits. Security vendor Avast has released its PC Trends Report 2019 revealing that millions of users are making themselves vulnerable to cyber attacks by keeping outdated

Posted in Adobe Flash, hacking news, skype, VLC media player, Vulnerability, vulnerable software, WinRar | Comments (0)

THN Weekly Roundup — 11 Most Important Hacking News Stories

October 5th, 2015

We are back with our last week’s top cyber security threats and challenges, just in case you missed any of them (ICYMI).

THN Weekly Roundup is The Hacker News' effort to provide you with all the important stories of last week in one shot.

We recommend you read the full story (just click ‘Read More’ because there’s some valuable advice in there as well).

Here’s the list:

1. Quantum

Posted in AdBlock Extension, encryption software, Gottfrid Svartholm Warg, Hacker News, hacking news, Open Source, Quantum Teleportation, Stagefright, TrueCrypt, weekly roundup, windows 10 privacy, WinRar | Comments (0)

KILLER! Unpatched WinRAR Vulnerability Puts 500 Million Users At Risk

September 30th, 2015

Beware Windows Users!

A dangerous new unpatched zero-day vulnerability has been detected in the latest version of WinRAR, affecting millions of users worldwide.

According to Mohammad Reza Espargham, a security researcher at Vulnerability-Lab, the stable version of WinRAR 5.21 for Windows computers is vulnerable to a Remote Code Execution (RCE) flaw.


WinRAR is one of

Posted in compress files, exploit code, hacking news, remote code execution, Vulnerability, WinRar, Zero-Day Vulnerability | Comments (0)