Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Over 100 Exploits Found for 19-Year Old WinRAR RCE Bug

Winrar_exploits

A code execution vulnerability in WinRAR generated over a hundred distinct exploits in the first week since its disclosure, and the number of exploits keeps on swelling.

The hackers' interest was probably piqued by the 500 million user base of the file-compression software and that the flaw (CVE-2018-20250) was present on all its versions released over the past 19 years. Furthermore, the reward would be full control over a victim’s system.

McAfee researcher Craig Schmugar reported on Thursday in one recent attack they observed the hackers enticed victims with a bootlegged copy of Ariana Grande's album "Thank U, Next."

The music files would be delivered in an archive file named "Ariana_Grande-thank_u,_next(2019)_[320].rar." Using a vulnerable version of WinRAR to extract the files, a malicious payload is added to the Windows Startup folder.

The researcher says that most of the targets observed initially were residents of the United States. The company identified more than 100...(continued)

View All Trending Stories