2023-12-07 11:24:01
Cybercrime group Fancy Bear has been exploiting two vulnerabilities in Microsoft Outlook and the WinRAR compression program since March. They use this to carry out phishing attacks on targets in both the United States and Europe. Both vulnerabilities have already been patched, but this update has not been installed by all users.
Proofpoint indicates that the flaw in Microsoft Outlook allows unduly higher user rights to be set (CVE-2023-23397). Additionally, attackers exploit a vulnerability in WinRAR to execute code on attacked systems (CVE-2023-38831).
The bug in Outlook was already fixed in March, while two months later, Microsoft released an additional update. However, Proofpoint is now warning against attacks exploiting this weakness. Polish public and private organizations, among others, became targets, according to the Polish Cyber Command.
Legitimate files
At the same time, Proofpoint mentions attacks exploiting the WinRAR bug CVE-2023-38831. This allows criminals to embed malware into legitimate files, which they then run on their victims’ systems.
Users who wish to protect themselves against these attacks are advised to verify that their Outlook and WinRAR installations are fully updated.
1701948732
#Cybercriminals #exploit #vulnerabilities #Outlook #WinRAR