Loose .zips sink chips: How poisoned archives can hack your computer
June 5, 2018
Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer’s file system – and potentially execute malicious code.
Specifically, the flaws, dubbed “Zip Slip” by its discoverers at security outfit Snyk, is a path traversal flaw that can potentially be exploited to perform arbitrary code execution attacks. It affects certain tools that handle .zip, .tar, .war, .cpio, and .7z formats.
A strong cybersecurity strategy starts with secure backups in case you ever need to restore your data. CYF4® – Enveloc® FedRAMP Azure Government Cloud Backup uses the Azure Government Cloud combined with End-to-End AES 256-bit encryption to protect your data.