all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID

Add to bookmarks
Sept. 27, 2022, 1 p.m. | Mark Lim

Unit42 unit42.paloaltonetworks.com

Polyglot files, such as the malicious CHM file analyzed here, can be abused to hide from anti-malware systems that rely on file format identification.


The post More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID appeared first on Unit 42.

analysis cortex cortex xdr dns security evasion exposing icedid malware next generation firewall polyglot threat prevention url filtering wildfire

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 6 days, 12 hours ago | unit42.paloaltonetworks.com
campaign command command injection cve +13
Muddled Libra’s Evolution to the Cloud 1 week, 2 days ago | unit42.paloaltonetworks.com
amp applications att aws +17
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 1 week, 3 days ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire attacks +14
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 2 weeks, 5 days ago | unit42.paloaltonetworks.com
compression cortex xdr cortex xsiam cve +17
Exposing a New BOLA Vulnerability in Grafana 3 weeks, 1 day ago | unit42.paloaltonetworks.com
advanced url filtering api api attacks authorization +19
ASEAN Entities in the Spotlight: Chinese APT Group Targeting 3 weeks, 2 days ago | unit42.paloaltonetworks.com
actions advanced persistent threat advanced url filtering apac +20
Large-Scale StrelaStealer Campaign in Early 2024 3 weeks, 6 days ago | unit42.paloaltonetworks.com
advanced threat protection advanced wildfire campaign campaigns +16
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 4 weeks ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire aerospace +25
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 4 weeks, 2 days ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire agency +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cloud Security Engineer

@ Pacific Gas and Electric Company | Oakland, CA, US, 94612
View on infosec-jobs.com

Penetration Tester (Level 2)

@ Verve Group | Pune, Mahārāshtra, India
View on infosec-jobs.com

Senior Security Operations Engineer (Azure)

@ Jamf | US Remote
View on infosec-jobs.com

(Junior) Cyber Security Consultant IAM (m/w/d)

@ Atos | Berlin, DE, D-13353
View on infosec-jobs.com
View more jobs