NoisyBear: Weaponizing ZIP Files for Stealthy Attacks

The article discusses the emerging threat of NoisyBear, a cyberattack technique that weaponizes ZIP files to evade detection and deliver malicious payloads. NoisyBear leverages the widespread use of ZIP archives to infiltrate systems stealthily, exploiting vulnerabilities in how security tools and users handle these compressed files. Malware is embedded within ZIP files in a way that bypasses traditional scanning mechanisms, making the method a potent tool for threat actors seeking covert operations. The article stresses the importance of updated security protocols and user awareness to mitigate the risks of this attack vector, and the need for advanced detection technologies that can analyze compressed file contents more effectively. Cybersecurity professionals are urged to monitor for indicators of compromise related to NoisyBear and to implement layered defenses that include behavioral analysis and anomaly detection. It concludes with recommendations for organizations to strengthen their email and file-handling policies so that ZIP files are scrutinized thoroughly before being opened or executed, and serves as an alert to the cybersecurity community about attackers' evolving use of ZIP files as a malware delivery mechanism.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 04 Sep 2025 14:10:18 +0000
