Security News

A new version of the IcedID banking trojan has debuted that notably embraces steganography - the practice of hiding code within images - in order to stealthily infect victims. "Previous versions of IcedID injected into svchost.exe and downloaded encrypted modules and config as.DAT files," according to a Thursday posting.

A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources. According to Kaspersky ICS CERT, the attacks seem bent on stealing Windows credentials in order to lay the groundwork for lateral movement inside a target network and follow-on activity.

Attackers are hiding PHP scripts in EXIF headers of JPEG images to hack websites, just by uploading an image.

Hackers Use Steganographic Technique to Hide Communications With Command and Control Servers  read more

URLZone Morphs Into a Downloader for Ursnif Researchers have discovered a malware campaign targeting Japan and combining phishing, steganography, PowerShell, and the URLZone and Ursnif malwares. read more

The OceanLotus APT is using two new loaders which use steganography to read their encrypted payloads.

Low-key but effective, steganography is an old-school trick of hiding code within a normal-looking image, where many cybersecurity pros may not think to look.

Apple fans lured into installing malware via crafty JavaScript A strain of malware has been clocked using steganography to run malicious JavaScript on Macs via images in online banner ads, it was...

A recently discovered PDF exploit used steganography to hide malicious JavaScript code in images embedded in PDF files, according to exploit analysis firm EdgeSpot. read more

Tool Hides Virtual Volumes But Leaves Linux Looking 'Bit-for-Bit' NormalDigital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a...