• ScaNtuRd@lemmy.world
    link
    fedilink
    English
    arrow-up
    66
    arrow-down
    18
    ·
    1 year ago

    Fuck WinRAR. It’s for normie NPCs. 7Zip is FOSS, and everybody should be using it instead.

  • VantaBrandon@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    1 year ago

    “Group-IB said the flaw was exploited as a zero-day — since the developer had zero time to fix the bug before it was exploited — as far back as April to compromise the devices of at least 130 traders.”

    We’re all to blame for not registering

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    This is the best summary I could come up with:


    The WinRAR vulnerability, first discovered by cybersecurity company Group-IB earlier this year and tracked as CVE-2023-38831, allows attackers to hide malicious scripts in archive files that masquerade as seemingly innocuous images or text documents.

    In research shared with TechCrunch ahead of its publication, TAG says it has observed multiple campaigns exploiting the WinRAR zero-day bug, which it has tied to state-backed hacking groups with links to Russia and China.

    One of these groups includes a Russian military intelligence unit dubbed Sandworm, which is known for destructive cyberattacks, like the NotPetya ransomware attack it launched in 2017 that primarily hit computer systems in Ukraine and disrupted the country’s power grid.

    Separately, TAG says it observed another notorious Russia-backed hacking group, tracked as APT28 and commonly known as Fancy Bear, using the WinRAR zero-day to target users in Ukraine under the guise of an email campaign impersonating the Razumkov Centre, a public policy think tank in the country.

    Google’s findings follow an earlier discovery by threat intelligence company Cluster25, which said last week that it had also observed Russian hackers exploiting the WinRAR vulnerability as a phishing campaign designed to harvest credentials from compromised systems.

    Google added that its researchers found evidence that the China-backed hacking group, known as APT40, which the U.S. government has previously linked to China’s Ministry of State Security, also abused the WinRAR zero-day flaw as part of a phishing campaign targeting users based in Papua New Guinea.


    The original article contains 490 words, the summary contains 239 words. Saved 51%. I’m a bot and I’m open source!

    • penquin@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      3
      ·
      1 year ago

      What should blow your mind is that it’s 2023 and you still need a separate program to extract compressed files on windows. 😂 Good thing they’re adding native support for it in windows 11. FINALLY.

      • pascal@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        they’re adding native support for it in windows 11

        What could possibly go wrong.

        • penquin@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          1 year ago

          For my personal use, Linux has every single thing I need right out of the box. That’s why it’s my main OS.

          • ChunkMcHorkle@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            1 year ago

            If you don’t mind me asking, what’s your distro and why did you settle on that particular one? I’m in the process of trying out different distros in anticipation of eventually moving all my stuff over and getting out of Windows completely, and that was really high praise, lol.

            So if you have a moment I’d really appreciate hearing about why you picked the distro you did, because being front loaded is one of the things I’m low key looking for: I don’t know Linux well enough to know what I might need out of the box, so the more that’s already on it the better (no shortage of drive space, fortunately). If it appeals I’ll load it up on a LiveUSB and test drive it myself. Thanks!

            • raptir@lemdro.id
              link
              fedilink
              English
              arrow-up
              0
              ·
              1 year ago

              If you’re new, Ubuntu (or one of its variants, like Xubuntu or Kubuntu) or Linux Mint are great “safe” options. The only thing to consider with Mint is that there is only an LTS release so you will end up with older versions of some programs. I’ve been using Linux as my primary OS for 17 years but I will still throw Xubuntu on a laptop if I just want to get something up and running quickly - other than having some extra packages installed out of the box there’s nothing “wrong” with it.

              That said I use openSUSE Tumbleweed as my daily driver. I like the rolling release and cutting edge packages, plus I like that YaST allows me to install the system exactly the way I want - picking and choosing individual packages.

              • ChunkMcHorkle@lemmy.world
                link
                fedilink
                English
                arrow-up
                0
                arrow-down
                1
                ·
                1 year ago

                Thank you so much for your response. I have tried Mint; it ran perfectly out of the box with zero issues on a 13 year old laptop; I just didn’t care for the Cinnamon DE so I have it on my list to try again with a different DE. Snaps aren’t too much of an issue because it supports other repositories.

                I’ve also tried OpenSUSE Leap but not Tumbleweed; I think I had to do the full install (no LiveUSB) but as an OS it was great. I ran it for a week but had some video issues with it, weird horizontal lines that go across the screen for a few seconds at boot, shut down, and login. Not a deal killer but I’ve set it aside for right now while I try other distros. (One thing I love so far about the Arch distros is that the online knowledge base is truly easy for someone with basic tech knowledge but no Linux knowledge to find what they need.) Really appreciate you taking the time to respond, thank you!

            • penquin@lemm.ee
              link
              fedilink
              English
              arrow-up
              0
              ·
              1 year ago

              I don’t mind. I have two machines that run Linux and one that runs windows. Main desktop I built last month runs endeavourOS. A 13" laptop that runs Ubuntu. A 15" laptop that runs windows. I like arch because it is always on the latest software. Some people like to be on the cutting edge and others don’t. I’m the former. But I didn’t want to run vanilla arch because I’m too lazy for maintenance and building my distro from ground up. EndeavourOS is arch with an installer and extra repos. It gives you a solid distro out of the box that you don’t need to do much work on after it’s installed. It just works. Never had an issue. I just update twice or once a week and I’m good to go. I have it set up with btrfs and snapshots in case it does break.

              Ubuntu on the laptop because I like Ubuntu on little machines. Every single thing works out of the box. Ubuntu is very neat. A lot of people hate on it and on snaps, but I honestly don’t care. I use what works for me. Anything Linux is good to me and they vary in how good they are. Also, Ubuntu is kind of nostalgic to me. It was the first thing I knew about Linux back in 2013.

              But here is the thing, I told you what I use, but it may not work for you. That’s why I love Linux. There is a distro for everyone. You can try what I use and see if you like them, if not keep distro hopping until you settle on something you love like I did. I personally wouldn’t listen to any suggestions on here, Reddit or anywhere on what distro to use (that’s just me btw). I distro hopped for almost two years until I settled on what I have now. Hope this helps.

              • ChunkMcHorkle@lemmy.world
                link
                fedilink
                English
                arrow-up
                0
                arrow-down
                1
                ·
                1 year ago

                Thank you for your response, this is exactly the info I was looking for. It may not work for me, but knowing WHY someone else loves it tells me a lot about it. I listen to every suggestion, but I first tried Linux back in the 90s: I’m not really swayed by emotive pleas because I’ve already heard them all. (The first time I ever heard that joke about if OSs were airlines and Unix/Linux would be the one where people brought the parts and assembled it on the runway while fighting the entire time was around that same period; it has only ever gotten to be even more true over the ages, lol.)

                At this point I have over a dozen LiveUSB or install sticks and I’m just rotating through them, spending a week or two on the distros I like. I’m on Zorin OS right now, which is on the list because it claims to have great Windows app support out of the box, and it’s great but I still need to test that part (and I’m procrastinating because it’s a major pain in the ass but I will eventually).

                EndeavourOS is one of the ones I keep hearing about, and it’s very high on the list at distrowatch.com, but I don’t really hear about it from the folks that use it so this is exactly what I was looking for. I really appreciate you taking the time to spell out what you’re using on what hardware and why, it cuts out a lot of the chaff that inevitably flies around distro choices. “Yeah, I know you like [____], but WHY does it work for you?” is a lot more helpful, and you gave me that. EndeavourOS is absolutely on my list now, and knowing that it comes preloaded with everything I might ever need helps a lot. Thank you again.

  • ELI70@lemmy.run
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    7
    ·
    1 year ago

    Stop Using Windows And MacOS use GNU/Linux instead -> Problem Solved

      • ELI70@lemmy.run
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        There are no problems on GNU/Linux only new areas of ignorance coming to your awareness. These are really opportuinities to learn. What you call problems is really some sort of ignorance of the underlying systems. Filling in the blind spot usually resolves the issue. You becoming aware of this is a great opportunity for this to self-correct. Thus you don’t have problems on GNU/linux instead you have growing opportunities. And boy oh boy are there lots of them 😃