Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

New Malicious Medical DICOM Image Files Cause HIPAA Headache

Ct_scan_glitch

Image credits: Nucleus Medical Media

Malicious DICOM files can be crafted to contain both CT and MRI scan imaging data and potentially dangerous PE executables, a process which can be used by threat actors to hide malware inside seemingly harmless files.

Cylera's Markel Picado Ortizachieved this by taking advantage of a DICOM format design flaw which allows for the "128-byte section at the beginning of the file, called the Preamble," to be modified to addcompatibility with non-DICOM image viewers.

The files resulting from embedding a malicious component within a DICOM imaging document "which intertwine executable malware with patient information" are called by CyleraPEDICOM files.

Hiding multiple streams of data within the same file is definitely not something new (see HERE,HERE, and HERE) but using .dcm files to spread malicious binaries is definitely a novel approach.These types of files are known as "polyglot files" which can contain two streams of data containing...(continued)

View All Trending Stories