The practice of concealing a file within another one. For example, a social engineer might hide a malicious executable inside a JPEG file, which he then emails to his victim. Upon clicking a seemingly benign photo, a malicious trojan then gets activated which communicates back to the attacker’s command and control centre. This makes steganography a useful technique for data exfiltration or credential harvesting. Steganographic techniques can also be used by rogue employees to exfiltrate data out of an organisation by hiding confidential files, e.g. customer database files that are hidden amongst graphic design files.