A new vulnerability affecting WinRAR and ZIP file extraction tools has been identified, which can allow malware to bypass antivirus programs. Attackers exploit this by embedding malicious scripts within specially crafted ZIP or RAR files, which can evade detection and execute upon extraction. The flaw takes advantage of how some extraction tools handle paths and permissions, potentially leading to unauthorized access and execution. Users are advised to update their software and exercise caution with untrusted compressed files to mitigate the risk of such attacks.
You can read the full article here
Cyber Resilience – Defence-in-depth principles. Winner of Best Cyber Book of the Year at the Real Cyber Awards 2023.
Understand how information security standards can improve your organization’s security and set it apart from competitors with this introduction to the 2022 updates of ISO 27001 and ISO 27002.
Previous posts on malwares
InfoSec services | InfoSec books | Follow our blog | DISC llc is listed on The vCISO Directory | ISO 27k Chat bot |