
While phishing has traditionally been delivered via email, enterprising threat actors are now using other channels that aren’t covered by email security tools to deliver malicious content. These include dynamic file downloads (a tactic known as HTML Smuggling), JavaScript trickery, password-protected archive files and oversized files. Each uses gaps in inspection policies to smuggle malicious content past the Secure Web Gateway (SWG), then reconstructs and activates it in the browser after the initial breach has been made.

Cybercriminals have recently developed similar techniques to bypass traditional anti-virus and sandbox solutions that scan web content for known malware signatures and suspicious behavior. Terrorists figured out long ago that the best way to smuggle explosives is to deconstruct bombs and ferry individual parts separately across the border before reconstructing the devices once they get past security.
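From the defender's side, the delivery channels listed above share one property: the gateway lets through a body it could not fully inspect. The sketch below is an added example, not code from the original article or from any SWG product. It flags such bodies using an assumed size ceiling (`MAX_INSPECT_BYTES`), a hypothetical `triage` helper, and constructed benign samples.

```python
import io
import re
import zipfile

MAX_INSPECT_BYTES = 10 * 1024 * 1024  # assumed scan ceiling; hypothetical value

# Browser APIs a page typically combines to assemble and save a file client-side.
SMUGGLING_MARKERS = [
    re.compile(rb"new\s+Blob\s*\(", re.I),
    re.compile(rb"URL\.createObjectURL\s*\(", re.I),
    re.compile(rb"msSaveOrOpenBlob|msSaveBlob", re.I),
    re.compile(rb"\.download\s*=|<a[^>]+\bdownload\b", re.I),
]

def triage(data, declared_size=None):
    """Return the reasons a gateway scanner could not fully inspect this body."""
    reasons = []
    size = len(data) if declared_size is None else declared_size
    if size > MAX_INSPECT_BYTES:
        reasons.append("oversized")
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # Bit 0 of the general-purpose flags marks an encrypted member.
            if any(info.flag_bits & 0x1 for info in zf.infolist()):
                reasons.append("encrypted-archive")
    elif sum(1 for rx in SMUGGLING_MARKERS if rx.search(data)) >= 2:
        reasons.append("html-smuggling")
    return reasons

def constructed_encrypted_zip():
    """Constructed sample: a normal ZIP with the 'encrypted' flag bit set."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", b"constructed sample")
    raw = bytearray(buf.getvalue())
    raw[raw.index(b"PK\x01\x02") + 8] |= 0x01  # central-directory flag byte
    return bytes(raw)

# Constructed samples: benign content only.
SMUGGLING_HTML = (b"<script>var b=new Blob(['constructed']);"
                  b"var a=document.createElement('a');"
                  b"a.href=URL.createObjectURL(b);a.download='note.txt';</script>")
PLAIN_HTML = b"<html><a href='/report.pdf' download>report</a></html>"

if __name__ == "__main__":
    for label, body, size in [("smuggling", SMUGGLING_HTML, None),
                              ("plain", PLAIN_HTML, None),
                              ("zip", constructed_encrypted_zip(), None),
                              ("large", b"", MAX_INSPECT_BYTES + 1)]:
        print(label, triage(body, size))
```

A single marker, such as an ordinary `download` link, is not flagged; the heuristic requires at least two markers on the same page to cut false positives.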


Here are four ways adversaries are using vulnerabilities in the browser to attack federal agencies: 1.
