Tootfinder

I see this is doing the rounds
https://cybernews.com/cybercrime/winrar-flaw-ukraine-global-cybercrime-google/
To be clear this is a security flaw that WinRAR patched in July last year.
Why is it a problem now? Because WinRAR, like 7-Zip …

Check out today's Metacurity to stay up-to-date on the critical infosec developments you should know, including
--The interim head of CISA uploaded sensitive documents to ChatGPT,
--Koreans to be notified of possible data breaches,
--Operations at Russian security systems outfit were disrupted by a cyberattack,
--EU-India security deal omits hackers-for-hire,
--Threat actors exploit a high-severity vulnerability in WinRAR,
--Mustang Panda can steal logi…

The interim head of CISA uploaded sensitive documents to ChatGPT
Koreans to be notified of possible data breaches, Operations at Russian security systems outfit were disrupted by a cyberattack, EU-India security deal omits hackers-for-hire, Threat actors exploit a high-severity vulnerability in WinRAR, Mustang Panda can steal login data from browsers, much more

@… Yes it is open source but it is a little tough to claim the moral high ground here when 7-Zip also frequently has security issues and like WinRAR offers no autoupdate
https://nvd.ni…

I switched up to RAR 7.20b3. Not a lot of change for Linux users as most of the improvements are for the in the GUI (so Windows only a.k.a. WinRAR).
However you can now use $XDG_CONFIG_HOME/rar (which normally expands to $HOME/.config/rar) to store your .rarrc configuration file, which, you know… just keeps everything neater. 🤷 I'll take it. 😉

I made a small thing. Just a little automated masto account @… to track updates to 7-Zip and RAR (WinRAR).
Why!? 🤔 These types of archiving tools are very handy but have been known to have security issues (both had exploits last year). Plus they don't always provide automatic update mechanisms on most platforms. 😉
It …