December 5, 2023 at 07:22PM Fancy Bear, a Russian cyber-spy group, has been targeting US and European agencies using patched Outlook and WinRAR flaws for phishing campaigns. Microsoft and Polish Cyber Command observed unauthorized access to high-value email accounts. Over 10,000 emails were used to exploit the vulnerabilities. Proofpoint expects continued exploitation of unpatched systems … Read more
November 20, 2023 at 09:42AM APT29, a state-sponsored Russian hacker group, is exploiting the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. The group is using a BMW car sale lure to target embassy entities. The vulnerability allows for execution of malicious code through crafted .RAR and .ZIP archives. APT29 has been using a Ngrok static domain … Read more
November 16, 2023 at 09:00AM A hacking group known as DarkCasino, initially discovered in 2021, has now been categorized as an advanced persistent threat (APT). They have exploited a recently disclosed security flaw in WinRAR software as a zero-day. DarkCasino’s attacks are frequent and they demonstrate a strong desire to steal online property. Multiple threat … Read more
October 19, 2023 at 11:05AM State-sponsored threat actors from Russia and China are exploiting the WinRAR vulnerability in unpatched systems to deliver malware. Google TAG has observed attacks targeting organizations in Ukraine and Papua New Guinea. The flaw is a known vulnerability in WinRAR, but many systems remain vulnerable. Patching remains a global challenge for … Read more