Another day, another malicious JPEG (Mon, Feb 23rd)
Summary
The article discusses a malware campaign using malicious JPEG files with embedded payloads, similar to campaigns previously discussed on the SANS Internet Storm Center. The author found a new campaign using this technique while reviewing malware samples caught by a customer's email proxy.
IFF Assessment
FOE
Malicious JPEGs represent a threat to systems and require defenders to be vigilant.
Defender Context
Defenders should be aware of the ongoing use of steganography and embedded payloads in image files, particularly JPEGs, to deliver malware. Email proxies and endpoint detection systems should be configured to scan for such techniques. Monitoring network traffic for unusual image downloads can also help detect these campaigns.