Stay Informed! NTISB Highlights Risks of Password-Protected WinRAR Downloads
Cyberattacks have ramped up significantly in the recent past, with hackers even targeting key government institutions. In this regard, the National Telecommunication and Information Security Board (NTISB) has released a cybersecurity warning titled “Exploiting WinRAR Critical Vulnerability Through Phishing Emails.”
In line with this advisory, cybercriminals are making use of phishing emails with enhanced sophistication. These emails consist of password-protected WinRAR zip files as attachments. When any user unzips these files, the malware is triggered automatically. Then, it takes advantage of a remote code execution vulnerability in WinRAR, recognized as CVE-2023-40477, which then compromises the system of the victim.
Furthermore, the advisory claims that by taking advantage of flaws in WinRAR, hackers may take complete control of the PC of the users, steal their private files, prevent users from accessing the system, encrypt important data, and more. Such cyber attempts frequently involve ransomware, data extraction, and data wipe, among other things.
Users were advised not to open or download any dubious email attachments, particularly those that included WinRAR or WinZip password-protected files. Users of WinRAR are advised to update to the most recent version 6.23 or above in order to prevent these kinds of attacks.
This advice was provided to the federal and provincial governments by NTISB. The respective governments have been asked to extend this advisory to lower-level departments.
Also read:
- NTISB Warns Govt Departments to not Use Indian/Israeli IT Products; Why?
- NTISB Recommends Ways to Avoid Banking/ Financial Fraud
PTA Taxes Portal
Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal
Explore NowFollow us on Google News!