Lmst

More Steganography!

A malicious Excel file using steganography was analyzed, revealing embedded XLS sheets and a complex infection chain. The file downloads an HTA file that creates a BAT file, which in turn generates and executes a VBS file. The VBS file fetches a VBA script that creates and runs a PowerShell script. The PowerShell script downloads an image containing a hidden payload delimited by specific tags. The payload is a Base64-encoded PE file, which is decoded and executed as a DLL. The final payload appears to be a Katz stealer. This analysis highlights the use of multiple file types and steganography techniques to evade detection.

Pulse ID: 684da8c81baecf48b68eb91e
Pulse Link: https://otx.alienvault.com/pulse/684da8c81baecf48b68eb91e
Pulse Author: AlienVault
Created: 2025-06-14 16:52:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Excel #InfoSec #OTX #OpenThreatExchange #PowerShell #RAT #Steganography #VBS #bot #AlienVault

#Steganography en.wikipedia.org/wiki/Stegano... "the practice of representing information within another message or physical object, in such a manner that the presence of the concealed information would not be evident to an unsuspecting person's examination."

Steganography - Wikipedia

🛠️ Built a couple of small Python tools:

One writes hidden messages into .ppm images using basic steganography.

The other extracts those messages back out.

It’s just a proof of concept—but feel free to explore or reuse if you're curious.

More details coming in my next blog post.

Just wanted to give a quick heads-up.

Happy poking. 🔍🐚

📎 You can grab them here:

https://github.com/OPQAM/MigratingCoconuts/tree/master/Python_Rebuild/Week_3

#steganography #infosec #hacking #python #lowlevelstuff

How to describe #steganography methods in a comparable and unified way to aid #replicability?

We combined pre-existing methodology into a single framework. New pre-print + online tool prototype (will get improved soon) on our website: https://patterns.omi.uni-ulm.de/news/

Full version of the paper and the online tool will be presented at the ARES'25 CUING workshop in August.

#replicability #steganography #covertchannels #informationhiding #infosec #cybersecurity #security #research

New pre-print: Domainator: Detecting and Identifying DNS-Tunneling Malware Using Metadata Sequences

(final version to appear at ARES'25)

https://www.researchgate.net/publication/392168105_Domainator_Detecting_and_Identifying_DNS-Tunneling_Malware_Using_Metadata_Sequences

#dns #tunneling #infosec #cybersecurity #malware #steganography #covertchannels #security

TIL Normy ČSN mají neviditelný vodoznak. Tak jo, zlobit budu jen pro vlastní potřebu.
#zsteg #steganography

The #OpenAI paper by Baker et al, "Monitoring Reasoning Models for Misbehavior and the Risks of Promoting Obfuscation" comes to a troubling conclusion: #LLM s with #reasoning or #ChainOfThought (#CoT) capabilities might learn to obfuscate their own CoT from human users if they are being penalized for displaying "wrong" (i.e. reward hacking or misalignment) reasoning.

As a result, OpenAI strongly advises against applying reward pressure "directly" onto the CoT of a model.

🤔 While that is certainly the right thing to do, how long will #AI take to figure out that *indirect CoT pressure* is being applied anyway and that it could circumvent these restrictions by obfuscating its own CoT? Maybe something like this will happen by accident or within an "evolutionary" self-improvement loop. Perhaps a sufficiently advanced model will realize that its own #neuralese serves as #steganography to hide its intents from humans anyway and keep its CoT in non-English?

source: https://cdn.openai.com/pdf/34f2ada6-870f-4c26-9790-fd8def56387f/CoT_Monitoring.pdf

If CoT pressures are used to improve agent capabilities or alignment, there may be no alternative approach to yield the same improvements without degrading monitorability. In the worst case, where the agent learns to fully obscure its intent in its CoT, we ultimately revert to the same model safety conditions that existed prior to the emergence of reasoning models and must rely on monitoring activations, monitoring potentially adversarial CoTs and outputs, or improved alignment methods. Model actions and outputs continue to grow in complexity, and we’ve demonstrated that even at their current capabilities, models can execute sophisticated reward hacks. In the near future, these models may become either too advanced or too widely used for humans to manually oversee. For this reason, we believe that CoT monitoring may become one of few tools we have for identifying latent misalignments, and it may be required that we avoid strong chain-of-thought optimization pressures entirely to guarantee we do not inadvertently cause CoT obfuscation.

I wonder if text-to-text #steganography could be used to "poison" #LLMs if all they can scrape from a website is nonsensical coverup text, while the actual text is decoded in the client's browser...

Tycker det är rätt coolt att man kan ta fram bilden på katten ur bilden på träden. #steganography

Malicious #NPM package uses Unicode #steganography to evade detection

https://www.bleepingcomputer.com/news/security/malicious-npm-package-uses-unicode-steganography-to-evade-detection/

#cybersecurity

Anwendungsvorschläge für das Forschungsdatenzentrum Klappe 384.

#Steganography #dataiscode #epa

https://www.nature.com/articles/s41467-024-55631-x

Could your npm packages be hiding more than code? One package used invisible Unicode to sneak in malicious commands—an eye-opening twist on cyber threats. How safe is your software supply chain?

https://thedefendopsdiaries.com/steganography-in-npm-packages-a-hidden-threat-to-software-security/

#steganography
#npmsecurity
#malware
#softwaresecurity
#cyberthreats

There is no #consciousness and #intelligence without an #active and growing #memory. #pictographicIntelligence and #steganography.

I created a brief video on #taxonomies (and our #steganography #taxonomy in particular).

https://youtube.com/watch?v=7MiMI5eUjMw

Check out this interesting article involving late-noughties DVD piracy, the Streisand effect and steganography. https://en.m.wikipedia.org/wiki/Illegal_number #wikipedia #steganography

Hongkiat: Hiding Secret Files in Images Using Steghide. “Ever wanted to hide sensitive information in plain sight? That’s exactly what steganography allows you to do. Unlike encryption, which makes data unreadable but obvious that something is hidden, steganography conceals the very existence of the secret data. Steghide is a powerful Linux tool that lets you embed any file into an image […]

https://rbfirehose.com/2025/04/24/hongkiat-hiding-secret-files-in-images-using-steghide/

Identifying Overlapping Ideas and Concepts of Methods that Hide Information https://www.growkudos.com/publications/10.1145%252F3729165/reader #cybersecurity #cybersec #taxonomy #survey #steganography #covertchannels #informationhiding #systematization #infosec #netsec

🔐 Ever wondered how to hide a file inside a photo?

Discover Quantumography – a smart way to protect your data by embedding files inside images with zero trace. In our demo, we hide a private BTC key to show how powerful it is.

🎥 Watch now: https://youtu.be/OWx0I2T_vRY

#Quantumography #DataPrivacy #Cybersecurity #Neuronus #AItools #Steganography #SecureFiles

A Generic Taxonomy for #Steganography. Published today by ACM Comp. Surveys (CSUR). Joint-work w/ W. Mazurczyk , @lucacav, A. Mileva, @Jana_Dittmann, @kraetzer, K. Lamshöft, @THB_Security_Research, L. Hartmann, J. Keller, @TN_THB and @niosat