Scenarios issuing BLOCK action.
View All Tags
The Windows shortcut (LNK) files are frequently used for malicious purposes by threat actors. In this article we are going to cover an example scenario, which takes a couple of characteristics into account to block potentially malicious shortcut files.
The malicious directory traversal has been exploited for years by threat actors, taking different forms, such as Zip Slip.
While Contextal Platform collects information from malware scanners, it does not, by default, take any direct actions on infected objects. Instead, it leaves the decision to users on how to handle detected malware. In this article, we will demonstrate an example scenario that can be deployed to block malicious objects.