[SANS ISC] Video: YARA Rules for Office Maldocs, (Sun, Nov 28th)

In this video, I show and explain the YARA rules I covered in diary entries “Extra Tip For Triage Of MALWARE Bazaar’s Daily Malware Batches”, “Simple YARA Rules for Office Maldocs” and “YARA Rule for OOXML Maldocs: Less False Positives”.

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Source: SANS Internet Storm Center, InfoCON: green
