How do you perform on a test that probes your vulnerability to a virus hidden in a zipped file?
How are we testing?:
This test downloads a benign file containing an EICAR virus test file that is zipped multiple times. The test file is zipped using standard archivers and contains multiple benign files combined with the EICAR virus. The download is terminated if the inline network security allows most of the file through.
Why is this test important?:
Criminals have become more creative in devising methods to deliver their virus payloads, such as using compressed files. Unzipping takes computational power, which can slow traffic down, so many network-based security systems are set to ignore multi-level archives: they check only one level of zipped files, or skip zipped files altogether.
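The single-level limitation described above, shown from the scanner's side as an added example (not code from the original page): a recursive ZIP inspector with a configurable depth limit that reports what it could not inspect instead of passing it silently. The function names, the size budget and the sample archive are assumptions constructed for illustration; the signature is a marker substring of the EICAR test string, not the full test file.

```python
import io
import zipfile

# Marker substring of the EICAR test string (the full string is deliberately not embedded).
SIGNATURE = b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"
MAX_TOTAL_BYTES = 10 * 1024 * 1024  # assumed decompression budget, guards against zip bombs


def scan_archive(data, max_depth, path="", depth=1, report=None, budget=None):
    """Walk a ZIP up to max_depth levels; record signature hits and uninspected members."""
    report = report if report is not None else {"hits": [], "skipped": []}
    budget = budget if budget is not None else [MAX_TOTAL_BYTES]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = f"{path}/{info.filename}" if path else info.filename
            budget[0] -= info.file_size  # declared uncompressed size
            if budget[0] < 0:
                report["skipped"].append(name)  # over budget: do not decompress
                continue
            body = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(body)):
                if depth >= max_depth:
                    report["skipped"].append(name)  # nested archive left unopened
                else:
                    scan_archive(body, max_depth, name, depth + 1, report, budget)
            elif SIGNATURE in body:
                report["hits"].append(name)
    return report


def nest(payload, levels):
    """Constructed sample: payload zipped `levels` times, one benign decoy per level."""
    data, name = payload, "sample.txt"
    for i in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(name, data)
            zf.writestr(f"readme{i}.txt", b"benign filler")
        data, name = buf.getvalue(), f"level{i}.zip"
    return data


if __name__ == "__main__":
    sample = nest(b"constructed test payload " + SIGNATURE, 3)
    print(scan_archive(sample, max_depth=1))  # one level only: no hit, nested zip skipped
    print(scan_archive(sample, max_depth=3))  # full depth: hit on the innermost file
```

A policy built on this treats a non-empty `skipped` list as a reason to block or quarantine, since an archive that was not opened has not been found clean.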
Are you protected against simple evasion techniques?
Security threats can compromise even Internet giants. In one example, Facebook discovered the 'Lecpetex' botnet on 250,000 PCs and 50,000 Facebook accounts; it was created from viruses contained in zipped files spread across Europe and the US.