XWorm 7.1 and Remcos RAT: attackers rely on fileless techniques and built-in Windows tools
Both malware families use trusted Windows system utilities to evade common security solutions, an approach known as "Living off the Land" that is increasingly seen in commercially distributed malware as well.
https://www.all-about-security.de/xworm-7-1-und-remcos-rat-angreifer-setzen-auf-dateilose-techniken-und-windows-bordmittel/
#winrar #Livingofftheland #malware #cybersecurity #maas

XWorm 7.1 and Remcos RAT: the attackers' methods
Discover the dangers of XWorm 7.1 and Remcos RAT: how attackers use Windows tools for concealment.
All About Security, the online magazine on cybersecurity. Ransomware, phishing, IT security, network security, AI, threats, DDoS, identity & access, platform security
New XWorm 7.1 and Remcos RAT campaigns are abusing trusted #Windows utilities and memory-based execution to evade detection, giving attackers remote access to infected systems. The campaign also exploits a #WinRAR vulnerability to gain initial access.
Read: https://hackread.com/xworm-7-1-remcos-rat-windows-tools-evade-detection/
#CyberSecurity #Malware #XWorm #RemcosRAT

XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection
New XWorm 7.1 and Remcos RAT campaigns abuse trusted Windows tools to evade detection. The attacks exploit a WinRAR flaw and use process hollowing to spy on victims.
Hackread - Cybersecurity News, Data Breaches, AI and More
Major flaw in the ZIP compression mechanism: all antivirus software affected, hackers can hide malicious code - unwire.hk Hong Kong
Chris Aziz, a researcher at the cybersecurity firm Bombadil Systems, discovered a serious vulnerability in ZIP archives called "Zombie ZIP". Hackers maliciously tamper with the file headers so that 50 antivirus engines on the VirusTotal platform fail to detect the malicious code. When a user opens the file with an extraction tool such as WinRAR or 7-Zip and clicks to run it, the hacker gains control of the system.
unwire.hk Hong Kong: play with life, enjoy technology
#CheckPoint Research observed #Amaranth-Dragon, a Chinese-aligned group linked to #APT41, conducting espionage against government and law enforcement across Southeast Asia. The threat actor weaponized #WinRAR flaw CVE-2025-8088 within 10 days after its disclosure, geo-fenced servers to targets, and introduced #TGAmaranth, a Telegram-based remote access tool.
https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/

Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research
Key Points Introduction Check Point Research has identified several campaigns targeting multiple countries in the Southeast Asian region. These related activities have been collectively categorized under the codename “Amaranth-Dragon”. The campaigns demonstrate a clear focus on government entities across the region, suggesting a motivated threat actor with a strong interest in geopolitical intelligence. The campaigns […]
Check Point Research