Welcome to the ViCheck blog. We're hoping to use this forum for updates on the malware analysis scene. Current trends show a rise in document-format malware: viruses embedded in Adobe PDF or MS Office documents are difficult to detect. Our malware analysis engine at ViCheck.ca can detect current PDF exploits (media.newPlayer being the current favorite), as well as executables embedded in documents.
Yesterday's Google blog post has again highlighted the risks of PDF-based malware against private corporations, government, and human rights groups. To reduce the risk from this type of malware, JavaScript can be disabled in Acrobat Reader.
Recent ViCheck analysis reports of malware, including PDF viruses, can be accessed from our website.