all InfoSec news
Redline Dropped Through MSIX Package, (Wed, Nov 15th)
Malware Analysis, News and Indicators - Latest topics malware.news
The MSIX package file format has been in the light for a few weeks. The GHOSTPULSE[1] malware has been identified to bypass many security controls delivered through an MSIX package. Like many operating systems, Windows can install applications by executing an executable (often called “setup.exe”), but packages are also available. Think about the well-known “.deb” for Debian/Ubuntu or “.rpm” for RedHat/CentOS. In the Windows eco-system, packages have the “.msi” extension. They have been used to deliver malware for a while …
applications bypass called controls file install malware msix nov operating systems package packages redline security security controls systems windows