An anonymous reader quotes a report from Ars Technica: Microsoft cloud services are scanning for malware by peeking inside users’ zip files, even when they’re protected by a password, several users reported on Mastodon on Monday. Compressing file contents into archived zip files has long been a tactic threat actors use to conceal malware spreading through email or downloads. Eventually, some threat actors adapted by protecting their malicious zip files with a password the end user must type when converting the file back to its original form. Microsoft is one-upping this move by attempting to bypass password protection in zip files and, when successful, scanning them for malicious code.

While analysis of password-protected in Microsoft cloud environments is well-known to some people, it came as a surprise to Andrew Brandt. The security researcher has long archived malware inside password-protected zip files before exchanging them with other researchers through SharePoint. On

Link to original post https://it.slashdot.org/story/23/05/16/0331223/microsoft-is-scanning-the-inside-of-password-protected-zip-files-for-malware?utm_source=rss1.0mainlinkanon&utm_medium=feed from Teknoids News

Read the original story