The National Telecommunication and Information Security Board (NTISB) has issued a vital cybersecurity advisory, alerting users to the risks associated with password-protected WinRAR files.
Hackers are exploiting a critical vulnerability (CVE-2023-40477) in WinRAR via phishing emails.
Phishing emails carry password-protected WinRAR attachments that, when opened, trigger malware, granting hackers full control over the victim's system.
This control enables them to steal personal data, block access, and encrypt sensitive files, often leading to ransomware attacks or data loss.
To stay safe, users are urged to exercise caution when encountering email attachments, especially password-protected WinRAR or WinZip files.
Additionally, it's advised that WinRAR users update their software to version 6.23 or higher.
NTISB has shared this advisory with federal and provincial governments, urging them to disseminate the warning to subordinate departments.
This collective effort aims to raise cybersecurity awareness and protect against potential threats.