In diary entry “Maldoc Analysis of the Weekend”, I use the strings method explained in diary entry “Quickie: String Analysis is Still Useful” to quickly locate the PowerShell command hidden in a malicious Word document.
Another piece of malicious code spotted on GitHub this time. By the way, this is the perfect example to demonstrate that protecting users via a proxy with web-categorization is useless… Event sites from the Alexa Top-1M may deliver malicious content (Github current position is 51). The URL has been found in a classic email phishing […]
Yesterday I stumbled upon a PDF file that was flagged as suspicious by a customer’s anti-malware solution and placed in the quarantine. Later, the recipient contacted the team in charge of emails to access his document because he knew the sender and pretended that the file was legit.
This month, we got patches for 74 vulnerabilities in total. One of them has been exploited and two vulnerabilities have been made public before today.