🛠️ Russian cybercriminals exploit 7-Zip flaw to bypass Windows security

Russian Hackers Exploit 7-Zip, Microsoft Update Causes Chaos, Korn Ferry’s New CIO

Welcome to this week’s edition of CIOsurge!

This week:

  • Russian cybercriminals exploit a newly patched 7-Zip flaw to bypass Windows security and distribute malware.

  • Microsoft warns 400 million users about Windows update issues, Google reverses AI weapons policy, and employees quietly adopt AI at work.

  • Korn Ferry appoints Michael LoRusso as CIO to drive digital transformation and cybersecurity.

Let’s make this week a game-changer.

Stay sharp. Stay ahead.

🛠️ Russian cybercriminals exploit 7-Zip flaw to bypass Windows security

A vulnerability in 7-Zip, CVE-2025-0411 (CVSS 7.0), has been actively exploited by Russian cybercriminal groups to distribute SmokeLoader malware. The flaw allows attackers to bypass Windows’ Mark-of-the-Web (MotW) protections by double-archiving malicious payloads. Despite being patched in 7-Zip version 24.09, phishing campaigns have weaponized this exploit to target Ukrainian government entities, municipal organizations, and businesses.

This attack highlights a troubling reality: widely used utilities like 7-Zip can become unexpected attack vectors when security flaws are overlooked. This is not just about 7-Zip—it’s about any software in your stack that might not properly enforce security controls like MotW. CIOs and IT leaders need to ensure that security patches for third-party applications are applied promptly, and that endpoint security policies mitigate risks from file-based attacks.

The use of compromised government email accounts to send phishing payloads also emphasizes the need for advanced email filtering and behavioral threat detection. Attackers are targeting entities that are often less resourced but critical to national infrastructure. Organizations must assume that phishing attempts will continue to bypass traditional security layers and invest in a multi-layered security approach, including threat hunting and user awareness training.

- Zack Tembi
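
As an added example (not part of the original newsletter), the two checks the 7-Zip item above points to can be run per host: whether the installed 7-Zip predates 24.09, and whether files in a folder still carry the Mark-of-the-Web stream. The registry keys, the function name `Get-MotWStatus` and the Downloads path are assumptions for a default installer-based setup.

```powershell
# Added example: audit one Windows host for 7-Zip builds older than 24.09,
# the release the article names as carrying the fix for CVE-2025-0411.
$FixedVersion = [version]'24.09'

# Assumption: 7-Zip was installed with its standard installer, which records
# the install folder under these keys. Portable copies will not appear here.
$regKeys = 'HKLM:\SOFTWARE\7-Zip', 'HKLM:\SOFTWARE\WOW6432Node\7-Zip'

$installs = foreach ($key in $regKeys) {
    $dir = (Get-ItemProperty -Path $key -Name Path -ErrorAction SilentlyContinue).Path
    if ($dir) { Join-Path $dir '7z.exe' }
}

foreach ($exe in ($installs | Sort-Object -Unique)) {
    if (-not (Test-Path -LiteralPath $exe)) { continue }
    $raw = (Get-Item -LiteralPath $exe).VersionInfo.ProductVersion
    # ProductVersion may carry a suffix such as a beta tag; compare major.minor only.
    if ($raw -match '^\s*(\d+\.\d+)') {
        $ver = [version]$Matches[1]
        [pscustomobject]@{
            Path    = $exe
            Version = $raw
            Status  = if ($ver -lt $FixedVersion) { 'OUTDATED: update to 24.09 or later' } else { 'OK' }
        }
    } else {
        [pscustomobject]@{ Path = $exe; Version = $raw; Status = 'UNKNOWN: check manually' }
    }
}

# Report whether each file under a folder carries the Zone.Identifier alternate
# data stream (the Mark-of-the-Web). A missing stream is not proof of abuse,
# since locally created files never have one; it is a cue to look at where the
# file came from.
function Get-MotWStatus {
    param([Parameter(Mandatory)][string]$Folder)
    Get-ChildItem -LiteralPath $Folder -File -Recurse | ForEach-Object {
        $ads = Get-Item -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
        [pscustomobject]@{ File = $_.FullName; HasMotW = [bool]$ads }
    }
}

# Assumed location: the current user's Downloads folder.
Get-MotWStatus -Folder (Join-Path $env:USERPROFILE 'Downloads') |
    Where-Object { -not $_.HasMotW }
```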

🗞️ At A Glance

💡 CIO Spotlights

Korn Ferry taps Michael LoRusso as CIO to lead tech strategy

  • Michael LoRusso brings over 25 years of IT leadership experience to Korn Ferry, aiming to drive digital transformation and cybersecurity.

  • Previously CIO at Embecta Corp., he’s also held key roles at JPMorgan Chase, GE, and served as a U.S. Navy Lieutenant Commander.

  • LoRusso will focus on strengthening IT infrastructure and advancing digital capabilities to fuel the firm’s growth.
