Steganography enables sophisticated OceanLotus payloads — Research Saturday

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files.

Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings.

The original research can be found here:
https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.