How can we identify and block emerging PDF malware attacks?

Source: Internet
Author: User

Recently, I found that PDF files are increasingly used for advanced persistent threat attacks. Can you describe some new technologies used in PDF attacks? In addition, can you recommend some tools that can scan for PDF malware? Can anti-malware or email scanning monitor such threats?

Nick Lewis: Advanced persistent threat (APT) attacks are likely to take advantage of PDF files because most common users think that PDF files are safe, and PDF files are also widely used in commercial and daily email attachments. Hackers use phishing emails disguised as fax messages and scan-and-send notifications from multi-function printers to lure users into opening "trustworthy" malicious files. To reduce the threat caused by malicious PDF software, it is best to combine security awareness and technical controls, because no single method can protect against all situations.

Simply put, traditional anti-malware or email scanning cannot process these new PDF file malware attacks. However, security tools that open PDF files in a sandbox environment can be used to identify malicious behaviors in PDF files. SearchSecurity writer Lenny Zeltser described in his blog on analyzing malware documents some additional tools that can be used to scan potentially malicious PDF files. These tools can identify potentially infected JavaScript code or command strings in files. Once the malware content is extracted, you can analyze it to determine whether the external website has downloaded other malware. Therefore, all PDF files containing JavaScript code or accessing external network systems should be investigated.
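As an added illustration of the last point (this is not code from the answer or from any of the tools it mentions), the Python sketch below flags PDFs that contain JavaScript, auto-run actions, or external references so they can be routed to sandbox analysis. The keyword list, the `triage` function, and the sample bytes are assumptions chosen for the example; the sample file is constructed.

```python
import re
import zlib

# Name tokens tied to script execution, auto-run actions, or external access.
SUSPICIOUS = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch",
              "/URI", "/SubmitForm", "/EmbeddedFile")
NAME_RE = re.compile(rb"/[^\s/<>\[\]()%{}]+")
STREAM_START = re.compile(rb"stream\r?\n")
STREAM_BODY = re.compile(rb"stream\r?\n.*?endstream", re.DOTALL)
MAX_INFLATE = 1_000_000  # cap per-stream output to blunt decompression bombs


def decode_name(token: bytes) -> str:
    """Undo #xx hex escapes, so /J#61vaScript is read as /JavaScript."""
    raw = re.sub(rb"#([0-9A-Fa-f]{2})",
                 lambda m: bytes([int(m.group(1), 16)]), token)
    return raw.decode("latin-1")


def inflate_streams(data: bytes) -> bytes:
    """Inflate every stream zlib accepts; other filters are skipped."""
    out = []
    for m in STREAM_START.finditer(data):
        try:
            out.append(zlib.decompressobj().decompress(data[m.end():], MAX_INFLATE))
        except zlib.error:
            continue
    return b"\n".join(out)


def triage(data: bytes) -> dict:
    """Count suspicious names outside streams and inside inflated streams."""
    counts = dict.fromkeys(SUSPICIOUS, 0)
    for blob in (STREAM_BODY.sub(b"", data), inflate_streams(data)):
        for token in NAME_RE.findall(blob):
            name = decode_name(token)
            if name in counts:
                counts[name] += 1
    return counts


# Constructed sample: auto-run action, hex-obfuscated /JavaScript, and a
# /URI action hidden inside a Flate-compressed stream.
SAMPLE = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /J#61vaScript /JS (app.alert\\(1\\);) >>\nendobj\n"
          b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
          + zlib.compress(b"<< /S /URI /URI (http://example.invalid/x) >>")
          + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    print({k: v for k, v in triage(SAMPLE).items() if v})
```

A non-zero count is a reason to investigate, not a verdict: many legitimate PDFs carry `/URI` links, and streams using filters other than Flate are not inspected here.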
