How do you perform on a test that probes your vulnerability to a virus hidden in a zipped file?
How are we testing?
This test downloads a benign file containing an EICAR virus test file that is zipped multiple times. The test file is zipped using standard archivers and contains multiple benign files combined with the EICAR virus. The download is terminated if the inline network security allows most of the file through.
Why is this test important?
Criminals have become more creative in devising methods to deliver their virus payloads, such as using compressed files. Unzipping takes computational power, which can slow traffic down, so many network-based security systems are configured to ignore multi-level archives: they check only one level of zipped files, or even skip zipped files altogether.
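The single-level inspection gap described above, as an added example that is not part of the original page: a small recursive scanner run against a constructed sample archive, showing that a depth limit of 1 never reaches the test file while a deeper scan does. The function names, the 10 MiB size cap and the sample archive are assumptions made for illustration; the signature is a substring of the standard EICAR test string.

```python
import io
import zipfile

# Substring of the standard EICAR test string, used as the only "signature".
SIGNATURE = b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"
MAX_MEMBER_BYTES = 10 * 1024 * 1024  # assumed cap on a member's inflated size


def build_nested_zip(payload: bytes, levels: int) -> bytes:
    """Constructed sample: payload plus a benign file, zipped `levels` times."""
    data, name = payload, "test.txt"
    for level in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(f"readme{level}.txt", b"benign filler")
            zf.writestr(name, data)
        data, name = buf.getvalue(), f"level{level}.zip"
    return data


def scan(data: bytes, max_depth: int, path: str = "download", depth: int = 0):
    """Return (findings, skipped): signature hits and archives left unopened."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        # Leaf file: apply the signature check.
        return ([path] if SIGNATURE in data else []), []
    if depth >= max_depth:
        # Report the unopened archive instead of silently passing it.
        return [], [path]
    findings, skipped = [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            child = f"{path}/{info.filename}"
            if info.file_size > MAX_MEMBER_BYTES:
                skipped.append(child)  # too large to inflate within budget
                continue
            f, s = scan(zf.read(info), max_depth, child, depth + 1)
            findings += f
            skipped += s
    return findings, skipped


if __name__ == "__main__":
    sample = build_nested_zip(b"constructed sample: " + SIGNATURE, levels=3)
    for limit in (1, 3):
        print(f"max_depth={limit}:", scan(sample, max_depth=limit))
```

A non-empty `skipped` list is the useful signal here: a policy can block or quarantine a download whose inner archives were not inspected rather than treat it as clean.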
Are you protected against simple evasion techniques?
Security threats can compromise even Internet giants. In one example, Facebook discovered the 'Lecpetex' botnet on 250,000 PCs and 50,000 Facebook accounts; it was created from viruses contained in zipped files spread across Europe and the US.