Path traversal vulnerability discovered in WinRAR versions prior to and including 5.61. When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. The vulnerability caused by an old vulnerable DLL named unacev2.dll used for parsing ACE files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rarlab winrar |
Three Iranian men have been charged in the U.S. in relation to attacks linked to Elfin (aka APT33). Sanctions also imposed on Iranian Chafer group.
Posted: 18 Sep, 20204 Min ReadThreat Intelligence SubscribeElfin: Latest U.S. Indictments Appear to Target Iranian Espionage GroupThree Iranian men have been charged in the U.S. in relation to attacks linked to Elfin (aka APT33). Sanctions also imposed on Iranian Chafer group.The U.S. government has indicted three Iranian nationals on charges related to cyber attacks against aerospace and satellite technology companies. Said Pourkarim Arabi, Moham...
Three Iranian men have been charged in the U.S. in relation to attacks linked to Elfin (aka APT33). Sanctions also imposed on Iranian Chafer group.
Posted: 18 Sep, 20204 Min ReadThreat Intelligence SubscribeElfin: Latest U.S. Indictments Appear to Target Iranian Espionage GroupThree Iranian men have been charged in the U.S. in relation to attacks linked to Elfin (aka APT33). Sanctions also imposed on Iranian Chafer group.The U.S. government has indicted three Iranian nationals on charges related to cyber attacks against aerospace and satellite technology companies. Said Pourkarim Arabi, Moham...
Although heavily focused on the Middle East, Elfin (aka APT33) has also targeted a range of organizations in the U.S. including a number of major corporations.
Posted: 27 Mar, 20198 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinElfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.Although heavily focused on the Middle East, Elfin (aka APT33) has also targeted a range of organizations in the U.S. including a number of major corporations.The Elfin espionage group (aka APT33) has remained highly active over the past three years, attacking at lea...
Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor’s past behaviour, we predicted last year that Zebrocy would continue to innovate in its malware development. The group has developed using Delphi, AutoIT, .NET, C# and PowerShell. Since May 2018, Zebrocy has added the “Go” language to its arsenal – the first time...
These statistics are based on detection verdicts of Kaspersky Lab products received from users who consented to provide statistical data. According to Kaspersky Security Network, Q1 2019 is remembered mainly for mobile financial threats. First, the operators of the Russia-targeting Asacub Trojan made several large-scale distribution attempts, reaching up to 13,000 unique users per day. The attacks used active bots to send malicious links to contacts in already infected smartphones. The mailings ...