In a blog post Tuesday, Cisco Talos reports that a new campaign has changed how the malware is served on victim systems. Experts offer perspective.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides expert comments, analysis and opinion on the latest information security news and topics.
One Response
The evolution of the ObliqueRAT trojan is a good example of how malicious actors are constantly updating their tools and techniques to bypass existing controls. By embedding their malware in a bitmap image using steganography, they are able to bypass conventional controls that block executables, archives, etc. By embedding it in an image, they also slip past the human element that would only see an image as expected. Fortunately, the attackers can't hide the malware's behaviors, which means security analytics remains effective, while knowing the sources and file format makes it easy to add restrictions through threat intelligence feeds as well.