-
Hackers now use ZIP file concatenation to evade detection
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.
- November 10, 2024
- 10:13 AM
2
-
WinRAR zero-day exploited since April to hack trading accounts
A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts.
- August 23, 2023
- 09:53 AM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains
A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files.
- May 28, 2023
- 11:18 AM
- 4
-
New ZIP domains spark debate among cybersecurity experts
Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery.
- May 16, 2023
- 06:48 PM
- 2
-
An encrypted ZIP file can have two correct passwords — here's why
Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction?
- August 21, 2022
- 12:27 PM
- 0
-
BazarBackdoor sneaks in through nested RAR and ZIP archives
Security researchers caught a new phishing campaign that tried to deliver the BazarBackdoor malware by using the multi-compression technique and masking it as an image file.
- July 14, 2021
- 03:29 PM
- 2
-
Specially Crafted ZIP Files Used to Bypass Secure Email Gateways
Attackers are always looking for new tricks to distribute malware without them being detected by antivirus scanners and secure email gateways. This was illustrated in a new phishing campaign that utilized a specially crafted ZIP file that was designed to bypass secure email gateways to distribute the NanoCore RAT.
- November 07, 2019
- 03:30 AM
- 3
-
Microsoft Acknowledges Zip File Overwrite Bug - Fix Coming in November
In a post to the Microsoft Answers forum, Microsoft has acknowledged the built-in zip bug and has stated that it will be fixed in an early November. This fix will most likely be pushed out via a cumulative update or via Microsoft's November Patch Tuesday updates.
- October 25, 2018
- 01:15 PM
- 1
-
Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
A new bug has popped up in Windows 10 Build 1809 that does not display an overwrite prompt when extracting files from a Zip archive to a location where the same file exists.
- October 22, 2018
- 09:35 PM
- 1
