Bleeping Computer

An encrypted ZIP file can have two correct passwords — here's why

Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malicious files (i.e. phishing "invoices" in emails). But, ...
Bleeping Computer

Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains

A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files. Earlier ...
Dark Reading

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Threat actors are exploiting the various ways that zip files combine multiple archives into one file as an anti-detection tactic in phishing attacks that deliver various Trojan malware strains, ...