Bleeping Computer

An encrypted ZIP file can have two correct passwords — here's why

Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malicious files (i.e. phishing "invoices" in emails). But, ...
Bleeping Computer

Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains

A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files. Earlier ...
Ars Technica

Microsoft is scanning the inside of password-protected zip files for malware

Microsoft cloud services are scanning for malware by peeking inside users’ zip files, even when they’re protected by a password, several users reported on Mastodon on Monday. Compressing file contents ...
Dark Reading

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Threat actors are exploiting the various ways that zip files combine multiple archives into one file as an anti-detection tactic in phishing attacks that deliver various Trojan malware strains, ...
Dark Reading

Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool

Two new top-level domain names — .zip and .mov — have caused concern among security researchers, who say they allow for the construction of malicious URLs that even tech-savvy users are likely to miss ...
ZDNet

These file types are the ones most commonly used by hackers to hide their malware

ZIP and RAR files have overtaken Office documents as the file most commonly used by cyber criminals to deliver malware, according to an analysis of real-world cyber attacks and data collected from ...
ExtremeTech

ZIP, RAR Have Surpassed Office Files as Most-Used Malware Containers

We all, hopefully, learned long ago not to open suspicious Microsoft Office files, which have long been one of the most common vectors for malware infection. According to a new report, there's a new ...