Tag: malware
-
How Hackers Avoid Detection using ZIP files
•
A significant part of a cybercriminal’s arsenal of tools and techniques is dedicated to evading detection by security solutions such as firewalls and antiviruses. Depending on the nature of the malware that needs to be delivered, the criminal might pick the most suited method of avoiding detection. ZIP File Concatenation…
-
Winos 4.0: How Gaming Apps can be Used to Infect your Computer
•
Researchers at Fortinet have observed multiple samples of an advanced malware, Winos 4.0, hidden within gaming-related applications such as speed boosters, optimization utilities, and installation tools. Winos is an advanced malware with several components handling distinct functions that collectively give the attacker complete control over the victim’s machine. The malware…
-
ChatGPT Vulnerable to Manipulation using Hex Code
•
Generative AI such as ChatGPT, Gemini, and Copilot can generate just about anything and although the majority uses these models in constructive ways, there are always bad actors looking to use them for malicious purposes. Therefore, companies that bring us these models must prevent bad actors from using their products…
-
RAMBO: Stealing Secrets from Isolated Computers
•
Background Prominent researcher Mordechai Guri of the Ben-Gurion University of the Negev, Israel, recently released a research paper detailing a new method that allows attackers to steal sensitive information from air-gapped(isolated) computers. Air-gapped systems are systems that are physically separated from external networks, including the Internet. This is achieved by keeping the…
-
Revival Hijack: A PyPI Supply Chain Attack Technique.
•
Researchers at JFrog have recently discovered a PyPI supply chain attack technique being exploited in the wild, dubbed “Revival Hijack”. This technique can be used to hijack Python packages hosted on PyPI by manipulating the option to re-register(revive) their names once the owner takes them down. A package repository is a centralized…