CSOonline

Polyglot files used to spread new backdoor

Proofpoint reports that a threat actor has used the tactic against critical infrastructure firms in the UAE, warns CISOs to watch for it elsewhere. A threat actor is using polyglot files to conceal ...
Bleeping Computer

RAT malware campaign tries to evade detection using polyglot files

Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools. The campaign was spotted by ...
Hackaday

Shakespeare In A Zip In A RAR, Hidden In An Image On Twitter

Steganography involves hiding data in something else — for example, encoding data in a picture. [David Buchanan] used polyglot files not to hide data, but to send a large amount of data in a single ...
Bleeping Computer

Microsoft fixes Windows certificate spoofing bug abusing CAT files

Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files. The vulnerability enables attackers to create ...