Stay Informed! NTISB Highlights Risks of Password-Protected WinRAR Downloads

Cyberattacks have ramped up significantly in the recent past, with hackers even targeting key government institutions. In this regard, the National Telecommunication and Information Security Board (NTISB) has released a cybersecurity warning titled “Exploiting WinRAR Critical Vulnerability Through Phishing Emails.”

In line with this advisory, cybercriminals are making use of phishing emails with enhanced sophistication. These emails consist of password-protected WinRAR zip files as attachments. When any user unzips these files, the malware is triggered automatically. Then, it takes advantage of a remote code execution vulnerability in WinRAR, recognized as CVE-2023-40477, which then compromises the system of the victim.

Furthermore, the advisory claims that by taking advantage of flaws in WinRAR, hackers may take complete control of the PC of the users, steal their private files, prevent users from accessing the system, encrypt important data, and more. Such cyber attempts frequently involve ransomware, data extraction, and data wipe, among other things.

Users were advised not to open or download any dubious email attachments, particularly those that included WinRAR or WinZip password-protected files. Users of WinRAR are advised to update to the most recent version 6.23 or above in order to prevent these kinds of attacks.

This advice was provided to the federal and provincial governments by NTISB. The respective governments have been asked to extend this advisory to lower-level departments.

Also read:

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
>