Welcome to the ViCheck blog. We're hoping to use this forum for updates on the malware analysis scene. Current trends show a rise in document-format malware: viruses embedded in Adobe PDF or MS Office documents are difficult to detect. Our malware analysis engine at ViCheck.ca can detect current PDF exploits (media.newPlayer being the current favorite), as well as executables embedded in documents.
Yesterday's Google blog post has again highlighted the risks of PDF-based malware against private corporations, government, and human rights groups. To reduce the risk from this type of malware, JavaScript can be disabled in Acrobat Reader.
Recent ViCheck analysis reports of malware, including PDF viruses, can be accessed from our website.
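As an added illustration (not ViCheck's engine or code from this blog), the following Python sketch triages a PDF for the things this post mentions: JavaScript and auto-run actions, the media.newPlayer string, and the DOS stub text of an embedded executable. It assumes only Flate-compressed streams need inflating; the indicator lists, function names and the sample file are constructed for this example.

```python
import re
import zlib

# PDF names that mark active content, and strings tied to this post's topics.
NAMES = {b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/EmbeddedFile"}
STRINGS = (b"media.newPlayer", b"This program cannot be run in DOS mode")
NAME_RE = re.compile(rb"/[^\s/<>\[\](){}%]+")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.S)


def decode_name(name):
    """Undo #xx hex escapes, so /J#61vaScript compares equal to /JavaScript."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), name)


def inflated_streams(data):
    """Yield the inflated body of every stream that holds zlib (Flate) data."""
    for m in STREAM_RE.finditer(data):
        try:
            # decompressobj tolerates the end-of-line bytes left before "endstream"
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue  # not Flate data; the raw scan already covers it


def triage_pdf(data):
    """Scan the raw file and each inflated stream; names count per occurrence,
    strings once per blob. Returns {indicator: count} with only non-zero hits."""
    hits = {}
    for blob in [data, *inflated_streams(data)]:
        found = [decode_name(n) for n in NAME_RE.findall(blob)]
        for key in [n for n in found if n in NAMES] + [s for s in STRINGS if s in blob]:
            hits[key.decode()] = hits.get(key.decode(), 0) + 1
    return hits


# Constructed sample: a harmless PDF skeleton; its compressed stream holds marker text only.
_BODY = zlib.compress(b"/* constructed marker text, constructed marker text */ media.newPlayer")
SAMPLE = (b"%PDF-1.4\n1 0 obj\n<< /OpenAction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /J#61vaScript /JS 3 0 R >>\nendobj\n"
          b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n" + _BODY + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    print(triage_pdf(SAMPLE))
```

A hit is a reason to look closer, not a verdict: many legitimate PDFs contain JavaScript, and streams using other filters or encryption are not inflated here.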