The real story, such as it is, appears to be that someone made an MS Word macro which can load and execute malicious code from other files such as a jpeg, supposedly to make automated detection of it less likely.
homesweethomeMrL@lemmy.world
on 13 May 22:49
collapse
MS Word eh? Figures.
atzanteol@sh.itjust.works
on 13 May 21:10
nextcollapse
This technique, which bypasses traditional antivirus systems, highlights an alarming evolution in cybercrime tactics.
It’s called steganography and has been around for ages. I wrote code back in the, well let’s just say “a while ago”, that “hid” data in PNG files.
markovs_gun@lemmy.world
on 14 May 02:27
nextcollapse
It was super easy too right? i want to say it was a simple batch file. I remember I had a .rar file full of pornography that I disguised as a shitty cat meme. I even tested out uploading it to some image hosting website to see if it would strip that data out and nope I was able to download a copy and open it with winrar no issues. I wonder of somewhere there is a shitty cat meme floating around the Internet with a bunch of porn hidden inside it.
moonpiedumplings@programming.dev
on 15 May 21:01
collapse
I really, really hate this site. This is not the first time I’ve seen low quality garbage. It reports old news as crazy new novel techniques.
Calling steganography “Undetectable” is like a kid making a secret language that is just scrambled English words. Like yeah, it’s hard to decode and it is a secret, but it is detectable and it still needs a base to work (ie an already existing language or in this case actually executed code)
threaded - newest
This is better than my CISA email alerts. What RSS feeds are you using? Can you share the XML?
sh.itjust.works/feeds/c/cybersecurity.xml?sort=Ne…
Thanks but that’s not an RSS feed
What about openrss.org/sh.itjust.works/c/cybersecurity?dataT…
The real story, such as it is, appears to be that someone made an MS Word macro which can load and execute malicious code from other files such as a jpeg, supposedly to make automated detection of it less likely.
MS Word eh? Figures.
It’s called steganography and has been around for ages. I wrote code back in the, well let’s just say “a while ago”, that “hid” data in PNG files.
It was super easy too right? i want to say it was a simple batch file. I remember I had a .rar file full of pornography that I disguised as a shitty cat meme. I even tested out uploading it to some image hosting website to see if it would strip that data out and nope I was able to download a copy and open it with winrar no issues. I wonder of somewhere there is a shitty cat meme floating around the Internet with a bunch of porn hidden inside it.
I really, really hate this site. This is not the first time I’ve seen low quality garbage. It reports old news as crazy new novel techniques.
Calling steganography “Undetectable” is like a kid making a secret language that is just scrambled English words. Like yeah, it’s hard to decode and it is a secret, but it is detectable and it still needs a base to work (ie an already existing language or in this case actually executed code)
This is not news.