A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 has been patched in August 2023, along with another high-severity RCE vulnerability (CVE-2023-40477). Exploited as a zero-day by cybercriminals since April 2023, the vulnerability is now also being used by state-sponsored hacking groups. “The widespread exploitation of the WinRAR bug highlights that exploits for known vulnerabilities can be highly effective, despite … More
The post State-sponsored APTs are leveraging WinRAR bug appeared first on Help Net Security.