Security News

A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources. According to Kaspersky ICS CERT, the attacks seem bent on stealing Windows credentials in order to lay the groundwork for lateral movement inside a target network and follow-on activity.

Attackers are hiding PHP scripts in EXIF headers of JPEG images to hack websites, just by uploading an image.

Hackers Use Steganographic Technique to Hide Communications With Command and Control Servers  read more

URLZone Morphs Into a Downloader for Ursnif Researchers have discovered a malware campaign targeting Japan and combining phishing, steganography, PowerShell, and the URLZone and Ursnif malwares. read more

The OceanLotus APT is using two new loaders which use steganography to read their encrypted payloads.

Low-key but effective, steganography is an old-school trick of hiding code within a normal-looking image, where many cybersecurity pros may not think to look.

Apple fans lured into installing malware via crafty JavaScript A strain of malware has been clocked using steganography to run malicious JavaScript on Macs via images in online banner ads, it was...

A recently discovered PDF exploit used steganography to hide malicious JavaScript code in images embedded in PDF files, according to exploit analysis firm EdgeSpot. read more

Tool Hides Virtual Volumes But Leaves Linux Looking 'Bit-for-Bit' NormalDigital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a...

Burying secret data in plain sight- is it a clever cybersecurity trick, or a way to attract the very attention you wanted to avoid?