tldrdaily.news logo
Tag

Zip Files

All articles tagged with #zip files

"WinRAR Zero-Day Exploit: Protect Your Accounts and Patch Now!"
cybersecurity2 years ago

"WinRAR Zero-Day Exploit: Protect Your Accounts and Patch Now!"

A zero-day vulnerability in the popular file-compression program WinRAR has been actively exploited for four months by unknown attackers. The vulnerability allows hackers to execute malicious code when targets open booby-trapped JPGs and other innocuous files inside ZIP archives. The attackers have been using the exploit to install malware, including DarkMe, GuLoader, and Remcos RAT, and withdraw money from broker accounts. The total number of victims and financial losses is unknown, but at least 130 individuals have been compromised. WinRAR developers have released a fix for the vulnerability, and users are advised to update to version 6.23 to protect themselves.

via Ars Technica|
#cybersecurity#exploit#malware
Microsoft's Cloud Security Measures Now Include Scanning Password-Protected Zip Files for Malware
cybersecurity2 years ago

Microsoft's Cloud Security Measures Now Include Scanning Password-Protected Zip Files for Malware

Microsoft is scanning the contents of password-protected zip files for malware in its cloud services, according to reports. The move is aimed at bypassing password protection in zip files and scanning them for malicious code. The practice has raised concerns among security researchers, who say it could impact their ability to share malware samples with colleagues. Microsoft uses multiple methods to scan the contents of password-protected zip files, including extracting passwords from emails or the name of the file itself. However, password-protected zip files provide minimal assurance that content inside the archives can't be read.

via Slashdot|
#cloud-services#cybersecurity#malware
Microsoft Scans Password-Protected Zip Files for Malware
cybersecurity2 years ago

Microsoft Scans Password-Protected Zip Files for Malware

Microsoft is scanning the contents of password-protected zip files for malware in its cloud services, even when the files are protected by a password. The company uses multiple methods to bypass password protection, including extracting passwords from the body of emails or testing the file to see if it's protected with one of the passwords contained in a list. While this practice has prevented many users from falling prey to social engineering attacks, it has also raised concerns about privacy invasion. It's worth noting that password-protected zip files provide minimal assurance that content inside the archives can't be read.

via Ars Technica|
#cloud-services#cybersecurity#malware