Chat Files Shared - Trust Nobody. No Exceptions
Your marketing team uses one of the popular chat applications or collaboration platforms to share files daily: campaign assets, creative briefs, and competitor analysis. An external chat participant shared an SVG image file that was unknowingly downloaded from an infected website.
Are you protected?
Use Case
Your marketing team uses one of the popular chat applications or collaboration platforms to share files daily: campaign assets, creative briefs, and competitor analysis.
An external chat participant shared an SVG image file that was unknowingly downloaded from an infected website.
The Attack Scenario
Unbeknownst to the external chat participant, the downloaded SVG image file is infected by one or more known vulnerabilities that can be included inside a legitimate SVG image file: ● Embedded JavaScript (XSS - Cross-Site Scripting) ● Event Handlers in SVG Elements ● External Resource Loading ● Malicious CSS ● "Billion Laughs" attack.
In this use case, the seemingly innocuous SVG image file could contain one or more modern cyberattacks, providing attackers with a backdoor into the chat participants' networks, potentially leading to widespread ransomware or data exfiltration days or weeks later.
How do conventional cyber defenses intervene?
Mostly, attacks such as this pass freely through the conventional cyber defenses: ● Firewalls ● Antivirus ● Antimalware ● Secure Email Gateways/Mail Relays ● Web proxies ● Secure browsers ● EDR/XDR ● WAF ● Sandboxes.
How does Yazam CDR technology intervene?
Yazam Processes CDR filter arrived files by the popular chat and messaging applications: ● WhatsApp ● Telegram ● Facebook Messenger ● WeChat ● QQ ● Line ● Slack ● Microsoft Teams ● Google Chat ● Signal.
The Yazam CDR Engine identified the non-conforming, potentially malicious elements deeply embedded within the SVG file, checked if they were malicious, removed them completely if needed, and then reconstructed a clean, functional SVG file.
When using the Yazam CDR technology, the chat participant receives the legitimate file and is informed about the sophisticated attacks that were just neutralized. This isn't a hypothetical scenario; it represents the daily reality of advanced cyber threats. Yazam provides the critical, proactive layer that ensures your organization isn't just reacting to attacks, but effectively preventing them.
Want To Really Secure Share Files in Chats? Contact YazamTech Today
