Retraction of "Antivirus and Endpoint Detection and Response Archive Scanning Engines may not properly scan malformed ZIP archives"

Overview Malformed ZIP headers can be used to obfuscate malicious content in ZIP files from antivirus detection tools. Despite the presence of malformed headers, custom extraction software can decompress the ZIP archive, allowing potentially malicious payloads to be recovered after successful...

AndroWasm: An Empirical Study on Android Malware Obfuscation through WebAssembly

In recent years, stealthy Android malware has increasingly adopted sophisticated techniques to bypass automatic detection mechanisms and harden manual analysis. Adversaries typically rely on obfuscation, anti-repacking, steganography, poisoning, and evasion techniques to AI-based tools, and...

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

Update: The digital certificate issued for https.ps has been revoked by GlobalSign. Fraudsters are known for using social engineering tricks to dupe their victims, often times by impersonating authority figures to instill trust. In a recent blog post, we noted how criminals behind Magecart skimme...

Steganography in the Modern Attack Landscape

Steganography the hiding of data in other content types such as images, videos, network traffic etc. continues to play a role in modern attacks in several forms. Most uses of steganography in malware can be divided into two broad categories: concealing the actual malware contents and concealing t...

mZb7zr6L5z5T8xF

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...