Stegomalware is a form of malicious software that leverages steganography techniques to conceal its code, configuration data, or command-and-control (C&C) communications within seemingly benign digital media such as images, audio files, videos, documents, or network traffic. It typically embeds encrypted or obfuscated payloads into digital media and only extracts and executes them at runtime, which makes traditional signature-based and sandbox-based detection significantly more difficult. Stegomalware has been observed in attacks ranging from advanced persistent threats (APTs) to financially motivated cybercrime, and is now the subject of dedicated academic surveys, research projects, and international law-enforcement initiatives. The key distinction between stegomalware and traditional obfuscated malware lies in the encoding location. After obfuscation, malicious code remains present within the executable and can theoretically be discovered through static analysis. In contrast, stegomalware hides the payload entirely within a cover medium (image, audio, etc.), remaining invisible until the malware dynamically extracts and executes it at runtime. == History == The term stegomalware was formally introduced by researchers Águila, Laskov, and others in the context of mobile malware and presented at the Inscrypt (Information Security and Cryptology) conference in 2014. This marked the first academic formalization of the concept, though earlier work had already identified that botnets and mobile malware could use steganography and covert channels for command-and-control communication over probabilistically unobservable channels. Since its introduction, stegomalware has evolved from a theoretical concern to a documented threat. In 2011, the APT operation known as "Operation Shady RAT" became one of the first documented cases of stegomalware in the wild, using digital images to hide Internet Protocol addresses and command-and-control server addresses. The same year, the Duqu malware (targeting industrial manufacturers) embedded victim data into JPEG image files before exfiltration, making the data transfer virtually undetectable to network-level security tools. From 2014 onwards, stegomalware became more prevalent in organized cybercrime and advanced persistent threat campaigns. Notable examples include Zeus/Zbot, which masked configuration data in images; Gatak/Stegoloader, which hid shellcode in PNG files; TeslaCrypt, which embedded C&C commands in JPEGs; and Cerber, which concealed ransomware payloads within images. By the 2010s, stegomalware had become established as a preferred evasion technique for espionage, financial theft, and ransomware distribution campaigns. Recent surveys (2020–2025) document that stegomalware has increasingly been exploited by adversaries targeting banks, enterprises, government agencies, educational institutions, and internet users via malvertising campaigns. The technique is now considered a sophisticated method of attack worthy of dedicated international law-enforcement attention. == Technical Characteristics and Definitions == Stegomalware operates through a three-component architecture: Stegotext (R): An innocent-looking digital asset (image, audio file, etc.) into which the malicious payload is embedded. Secret key (sk): A key used by the embedding and extraction algorithms, typically hardcoded into the malware. Payload (p): The actual malicious code, configuration data, or C&C commands hidden within the stegotext. The malware extracts the payload at runtime using the secret key and either executes it directly or uses it to download additional stages of the attack. Stegomalware can be classified into several types based on deployment method: Type 0 (Autonomous): Both the stegotext and extraction algorithm are embedded within the malware application itself. The malicious payload is extracted and executed locally without external communication. Type I (Update): The stegotext and secret key are downloaded from a remote server at runtime; only the extraction algorithm is included in the malware. This variant is more flexible, allowing attackers to push updated payloads. Type II (External Algorithm): Neither the stegotext nor the extraction algorithm are distributed with the malware; both are fetched from an attacker-controlled infrastructure, providing maximum flexibility and evasion. == Steganography techniques == === Spatial domain methods === Stegomalware predominantly uses steganographic methods designed for images, as images are the most common cover medium in the wild. The most basic spatial domain technique is Least Significant Bit (LSB) substitution, which replaces the least significant bits of pixel color values with payload bits. While simple and easy to implement, LSB is also relatively easy to detect through statistical analysis. More sophisticated spatial domain techniques include: HUGO (High Undetectable steGO) (2010): Minimizes detectable distortion by distributing the payload across multiple pixels, achieving embedding capacity with reduced statistical footprint. WOW (Wavelet Obtained Weights) (2012): Embeds data preferentially in textured regions of images where modifications are less perceptually noticeable. UNIWARD (Universal Wavelet Relative Distortion) (2014): Uses a universal distortion function applicable to multiple image formats, balancing payload capacity with undetectability. HILL (2014): Applies high-pass and low-pass filters to identify robust embedding regions. MiPOD (Minimizing the Power of Optimal Detector) (2016): Designed to minimize the power of theoretical optimal steganalysis detectors. === Transform domain methods === Transform domain techniques convert images into the frequency domain (e.g., using DCT or DWT) before embedding, allowing for more robust hiding in JPEG and other compressed formats: Embedding in DCT coefficients (used in JPEG compression) Embedding in DWT coefficients (used in lossless formats) Spread spectrum techniques, which distribute the payload across many frequency components Transform domain methods are generally more resistant to noise, compression, and image transformations than spatial methods. === Generative adversarial network (GAN) methods === Recent advances in machine learning have introduced GAN-based steganography, where a generative model produces stego images that minimize detectable artifacts: SGAN (Steganographic GAN) (2017): First GAN applied to steganography, using a generator, discriminator, and steganalysis network. ASDL-GAN (2017): Performs automatic steganographic distortion learning at the pixel level. SteganoGAN (2019): Improves upon earlier GAN models, achieving higher embedding capacity and robustness. HiGAN (Hiding Images GAN) (2020): Enables hiding one image within another while maintaining visual plausibility. GAN-based approaches are more resilient to standard steganalysis attacks but remain an emerging threat requiring further research. == Notable malware campaigns == Stegomalware has been documented in numerous high-profile cyber attacks and campaigns. Notable examples include: Operation Shady RAT (2011): Used digital images to hide command-and-control server addresses in targeted espionage. Duqu (2011): Embedded victim data into JPEG files to exfiltrate industrial control system information. Zeus/Zbot (2014): Masked banking configuration data inside JPEG files exploited via malvertising. Gatak/Stegoloader (2015): Hid shellcode in PNG files for software licensing attacks and bot command execution. TeslaCrypt (2015): Embedded C&C commands and ransomware keys in JPEG images. Cerber (2016): Concealed executable ransomware code in JPEG files distributed via phishing. DNSChanger (2016): Embedded malicious code in PNG files for DNS hijacking campaigns. Sundown Exploit Kit (2017): Distributed exploit code in PNG files via malvertising. AdGholas (2017): Used JPEG steganography to distribute ransomware via malvertising. Synccrypt (2017): Hidden ransomware components in JPEG-steganographic encrypted archives. ZeroT/PlugX (2017): Hid Remote Access Trojan payloads in BMP files for espionage. Loki Bot (2018): Concealed malware installers in JPEG and video files. Waterbug (APT28) (2019): Injected malicious DLLs into WAV audio files. Shlayer (macOS adware) (2019): Hid malicious URLs in JPEG files via malvertising. === Attack vectors === The most common attack vectors for stegomalware include: Phishing emails with malicious attachments or links Malvertising campaigns using malicious banner advertisements Exploit kits through compromised or malicious websites Legitimate application vulnerabilities (e.g., watering-hole attacks) Fake software distribution (cracked software, keygen tools) === Exploitation stages === Stegomalware typically serves one or more roles in attack lifecycles: Payload delivery: Stego images contain full executable code or shellcode. C&C communication: Hidden data contains server addresses or command instructio
CapCut
CapCut, known domestically as JianYing (Chinese: 剪映; pinyin: Jiǎnyìng) and formerly internationally as ViaMaker, is a video editor developed by ByteDance, available as a mobile app, desktop app, and web app. == History == The app was first released in China in 2019 and was initially available for iPhone and Android. In 2020, it was rebranded in English from ViaMaker to CapCut and became available globally. It later expanded to include web and desktop versions for Mac and Windows. In 2022, CapCut reached 200 million active users. According to The Wall Street Journal, in March 2023, it was the second-most downloaded app in the U.S., behind that of Chinese discount retailer Temu. In January 2025, CapCut had over 1 billion downloads on the Google Play Store. On February 1, 2021, CapCut Pro for Windows was launched. On November 27, the Pro version for Mac was launched. In July 2025, CapCut Pro for HarmonyOS was available on HarmonyOS NEXT tablets. In July 2024, CapCut was reported by the South China Morning Post to be a generative AI (GenAI) application that led global AI app downloads, with approximately 38.42 million downloads and 323 million monthly active users. == Features == CapCut supports basic video editing functions, including editing, trimming, and adding or splitting clips. Editing projects is limited to single-layer editing, but the app supports overlay options that enable additional effects, including multi-layer editing. The app includes a library of pre-made templates and a tool that generates editable video captions. It also provides photo editing tools, including retouch and product photo features integrated within the editing interface. CapCut's video editor includes AI-based features such as video and script generation. Users can export or save completed projects directly to different social media platforms. CapCut includes a free version and a paid Pro version with cloud storage and advanced features. == Controversies == === Illegal data collection === In July 2023, many users of CapCut accused it of illegally profiting off their personal data. A class-action lawsuit filed in the U.S. District Court for the Northern District of Illinois on July 28, 2023, alleged that CapCut illegally harvests and profits from user data including biometric information and geolocation without consent. In September 2025, a federal court excluded most of the lawsuit, which alleged that TikTok’s parent company improperly scraped private data from CapCut's video editing software, as lacking grounds, with some of the class action continuing to move forward. == Bans and restrictions == === Ban in India === As a response to border clashes with China in May 2020, the Indian government banned around 56 Chinese applications including CapCut and TikTok, which is owned by CapCut's parent company ByteDance. Indian users were unable to use and download the application. As of February 2022, around 273 Chinese applications have been banned by the Indian government under the concern of national security and Indian user privacy. === Ban in the United States === On January 18, 2025, at 10 PM EST, CapCut was banned in the United States along with TikTok and all other ByteDance apps due to the implementation of the Protecting Americans from Foreign Adversary Controlled Applications Act. Hours after the suspension of services took effect, President Donald Trump indicated on Truth Social that he would issue an executive order on the day of his inauguration "to extend the period of time before the law's prohibitions take effect". On January 21, CapCut began restoring service. On February 13, Google and Apple restored CapCut on the App Store and Google Play Store.
Fatsecret
Fatsecret, commonly styled as fatsecret, is a mobile application, website and API that helps people achieve their weight loss goals and find accurate nutrition information. It also offers a weight loss clinic with coaching and medically supported programs. The platform powers global health apps. == History == Fatsecret was founded in 2006 in Melbourne, Australia by Lenny Moses and Rodney Moses. As of 2019, Lenny serves as the company's CEO. The company is known for its calorie counting and meal tracking app, and by April 2016, the company claimed to have 45 million users of its services. In August 2018, a premium version of its app was released. Since August 2009, the company has operated the Fatsecret Platform API, which allows access to its global food and nutrition database. Fatsecret reportedly had 900,000 downloads of its app in January 2020. In an analysis of several Health & Fitness app subcategories for the United States in January 2021, Fatsecret was reported to have the highest 30 day user retention rate of top Calorie Counter + Meal Planner for Weight Loss apps.
The Future of Work and Death
The Future of Work and Death is a 2016 documentary by Sean Blacknell and Wayne Walsh about the exponential growth of technology. The film showed at several film festivals including Raindance Film Festival, International Film Festival Rotterdam, Academia Film Olomouc and CPH:DOX. In May 2017 it received an official screening at the European Commission. It was distributed by First Run Features and Journeyman Pictures and was released on iTunes, Amazon Prime and On-demand on 9 May 2017. The film was made available on Sundance Now on 27 November 2017. A companion piece to the film, The Cost of Living, a documentary concerning universal basic income in Britain, was released on Amazon Prime on 8 October 2020. == Synopsis == World experts in the fields of futurology, anthropology, neuroscience, and philosophy consider the impact of technological advances on the two 'certainties' of human life; work and death. Charting human developments from Homo habilis, past the Industrial Revolution, to the digital age and beyond, the film looks at the shocking exponential rate at which mankind has managed to create technologies to ease the process of living. As we embark on the next phase of our adaptation, with automation and artificial intelligence signifying the complete move from man to machine, the film asks what the implications are for human fulfilment in an approaching era of job obsolescence and extreme longevity. == Cast == Dudley Sutton – Narrator Aubrey de Grey – Biomedical gerontologist and CSO of the SENS Research Foundation Will Self – Writer, journalist, political commentator and Professor of Contemporary Thought at Brunel University Rudolph E. Tanzi – Professor of Neurology at Harvard University and Director of the Genetics and Aging Research Unit at Massachusetts General Hospital (MGH) Martin Ford – Futurist and author Steve Fuller – Auguste Comte Chair in Social Epistemology at the Department of sociology at University of Warwick Murray Shanahan – Professor of Cognitive Robotics at Imperial College London Gray Scott – Futurist, executive producer of this production Vivek Wadhwa – Entrepreneur, academic and Director of Research at the Center for Entrepreneurship and Research Commercialization at the Pratt School of Engineering, Duke University Zoltan Istvan – Transhumanist and journalist Joanna Cook – Anthropologist, University College London Nicholas Kamara – Physician, Kable Hospital David Pearce – Transhumanist philosopher and co-founder of Humanity+ Peter Cochrane – Futurist and entrepreneur John Harris – Bioethicist, philosopher and Director of the Institute for Science, Ethics and Innovation at the University of Manchester Riva Melissa-Tez – Entrepreneur and transhumanist Ian Pearson – Futurologist Stuart Armstrong – Artificial intelligence researcher at Future of Humanity Institute
ImageMixer
ImageMixer is a brand name of video editing software that edits digital video and still image in camcorders and authors to VCD and DVD. It is a second-party Japanese product, distributed by Pixela Corporation, a Japanese manufacturer of PC peripheral hardware and multimedia software. == Bundling == ImageMixer is widely used for several camcorder brands, such as JVC, Hitachi and Canon. Also, Sony has chosen to package ImageMixer with its DVD and HDD Handycam. == ImageMixer series == ImageMixer has other series of software for digital camera, such as ImageMixer Label Maker and ImageMixer DVD dubbing. ImageMixer also has movie editing solution for Macintosh. == Windows Vista version of ImageMixer == A Windows Vista version of ImageMixer has been developed (ImageMixer3).
Foveated imaging
Foveated imaging is a digital image processing technique in which the image resolution, or amount of detail, varies across the image according to one or more "fixation points". A fixation point indicates the highest resolution region of the image and corresponds to the center of the eye's retina, the fovea. The location of a fixation point may be specified in many ways. For example, when viewing an image on a computer monitor, one may specify a fixation using a pointing device, like a computer mouse. Eye trackers which precisely measure the eye's position and movement are also commonly used to determine fixation points in perception experiments. When the display is manipulated with the use of an eye tracker, this is known as a gaze contingent display. Fixations may also be determined automatically using computer algorithms. Some common applications of foveated imaging include imaging sensor hardware and image compression. For descriptions of these and other applications, see the list below. Miniaturized foveated imaging systems can be realized by high-resolution 3D printing of multi-lens objectives directly on a CMOS (Complementary metal-oxide-semiconductor) chip. Foveated imaging is also commonly referred to as space variant imaging or gaze contingent imaging. == Applications == === Compression === Contrast sensitivity falls off dramatically as one moves from the center of the retina to the periphery. In lossy image compression, one may take advantage of this fact in order to compactly encode images. If one knows the viewer's approximate point of gaze, one may reduce the amount of information contained in the image as the distance from the point of gaze increases. Because the fall-off in the eye's resolution is dramatic, the potential reduction in display information can be substantial. Also, foveation encoding may be applied to the image before other types of image compression are applied and therefore can result in a multiplicative reduction. === Foveated sensors === Foveated sensors are multiresolution hardware devices that allow image data to be collected with higher resolution concentrated at a fixation point. An advantage to using foveated sensor hardware is that the image collection and encoding can occur much faster than in a system that post-processes a high resolution image in software. === Simulation === Foveated imaging has been used to simulate visual fields with arbitrary spatial resolution. For example, one may present video containing a blurred region representing a scotoma. By using an eye-tracker and holding the blurred region fixed relative to the viewer's gaze, the viewer will have a visual experience similar to that of a person with an actual scotoma. === Video gaming === Foveated rendering is a rendering optimization technique which uses an eye tracker integrated with a virtual reality headset to reduce the rendering workload by greatly reducing the image quality in the peripheral vision (outside of the zone gazed by the fovea).. However, other than the near-eye displays (e.g., virtual reality headset), foveated rendering is also suitable for large high-resolution display walls, desktop monitor, and even for smart phones. Over the time different foveated rendering techniques are proposed, for instance, adaptive resolution, geometric simplification, shading simplification and chromatic degradation, spatio-temporal deterioration . If we consider the variable sample distribution of physically-based rendering under the shader (e.g., hit/miss etc.), then this degradation strategies are applied on overall foveated rendering. At the CES 2016, SensoMotoric Instruments (SMI) demoed a new 250 Hz eye tracking system and a working foveated rendering solution. It resulted from a partnership with camera sensor manufacturer Omnivision who provided the camera hardware for the new system. The Apple Vision Pro mixed reality headset features dynamic foveated rendering provided by its visionOS operating system. === Quality assessment === Foveated imaging may be useful in providing a subjective image quality measure. Traditional image quality measures, such as peak signal-to-noise ratio, are typically performed on fixed resolution images and do not take into account some aspects of the human visual system, like the change in spatial resolution across the retina. A foveated quality index may therefore more accurately determine image quality as perceived by humans. === Image database retrieval === In databases that contain very high resolution images, such as a satellite image database, it may be desirable to interactively retrieve images in order to reduce retrieval time. Foveated imaging allows one to scan low resolution images and retrieve only high resolution portions as they are needed. This is sometimes called progressive transmission. == Example images ==
Enterprise mobile application
The term enterprise mobile application is used in the context of mobile apps created/brought by individual organizations for their workers to carry out the functions required to run the organization. It is the process of building a mobile application for the requirements of an enterprise. An enterprise mobile application belonging to an organization is expected to be used by only the workers of that organization. The definition of enterprise mobile application does not include the mobile apps that an organization create for its customers or consumers of the products or services generated by the organization. == Example == An organization, whether for-profit or non-profit, may create a mobile app for its members to track inventory levels of supplies they distribute to their target communities or materials used in product manufacturing. Such a mobile app comes under the definition of enterprise mobile application. However, the same organization may also create another mobile app to sell their products to end users or spread awareness of their services to various communities, and that mobile app would not come under definition of enterprise mobile application. == Enterprise mobile solution providers == Enterprise Mobile solution providers create and develop apps for individual organizations that can buy instead of creating the apps themselves. Reasons for Organizations buying the apps include time and cost savings, technical expertise. Today Enterprise Mobility is playing track role for enterprise transformation. Today, enterprises needs productivity is a fast way. Enterprise mobility helps business owners to build their work in a progressive way by assisting enterprise mobility solutions.