New 'Zombie ZIP' technique lets malware slip past security tools
Summary
Researchers have developed a new technique called 'Zombie ZIP' that allows malware to evade detection by security tools like antivirus and EDR. This technique involves creating specially crafted ZIP archives that can conceal malicious payloads.
IFF Assessment
FOE
This technique allows malware to bypass existing security defenses, making it harder for defenders to detect and prevent infections.
Defender Context
Defenders should be aware of the 'Zombie ZIP' technique and ensure their security solutions are updated to detect or mitigate this new evasion method. This highlights the ongoing arms race between attackers and defenders, with attackers constantly developing novel ways to bypass security controls.