Iron Castle Systems

Skip to content

VMware
AWS
Powershell
Security
Projects
Misc.
Client Access
About

Search for:

Creating a YARA Rule to Detect Obfuscated Strings, (Mon, Sep 4th)

September 4, 2023 David Leave a comment

This post was originally published on this site

I wrote a blog post "Quickpost: Analysis of PDF/ActiveMime Polyglot Maldocs" on how to analyse PDF/ActiveMime polyglot malicious document files and also developed a YARA rule to detect them.

Post navigation

Previous PostWhat is the origin of passwords submitted to honeypots?, (Sat, Sep 2nd)Next PostPSResourceGet Release Candidate is Now Available

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

VMware

Datastore - VMName-flat.vmdk keeps on expanding April 19, 2024
I want to remove the last esxi 7 host with VDS from a cluster April 19, 2024
VMesxi8.0.2 - No compatible network adapter found April 19, 2024
Malware protection Akira April 19, 2024
Mellanox Weird Error April 18, 2024

SANS Security

ISC Stormcast For Friday, May 3rd, 2024 https://isc.sans.edu/podcastdetail/8966, (Fri, May 3rd) May 3, 2024
Scans Probing for LB-Link and Vinga WR-AC1200 routers CVE-2023-24796, (Thu, May 2nd) May 2, 2024
ISC Stormcast For Thursday, May 2nd, 2024 https://isc.sans.edu/podcastdetail/8964, (Thu, May 2nd) May 2, 2024
ISC Stormcast For Wednesday, May 1st, 2024 https://isc.sans.edu/podcastdetail/8962, (Wed, May 1st) May 1, 2024
Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) May 1, 2024

AWS

Build RAG applications with MongoDB Atlas, now available in Knowledge Bases for Amazon Bedrock May 2, 2024
Stop the CNAME chain struggle: Simplified management with Route 53 Resolver DNS Firewall May 1, 2024
Add your Ruby gems to AWS CodeArtifact April 30, 2024
Amazon Titan Text Embeddings V2 now available in Amazon Bedrock, optimized for improving RAG April 30, 2024
Amazon Q Business, now generally available, helps boost workforce productivity with generative AI April 30, 2024

Microsoft

Leading in the era of AI: How Microsoft’s platform differentiation and Copilot empowerment are driving AI Transformation April 24, 2024
Manufacturing for tomorrow: Microsoft announces new industrial AI innovations from the cloud to the factory floor April 17, 2024
Microsoft and G42 partner to accelerate AI innovation in UAE and beyond April 16, 2024
Announcing new Microsoft AI Hub in London April 8, 2024
Advancing science: Microsoft and Quantinuum demonstrate the most reliable logical qubits on record with an error rate 800x better than physical qubits April 3, 2024

Iron Castle Systems

Tag Cloud

AWS
Microsoft
Powershell
SANS
Security
Virtualization
VMware

Recent Posts

Scans Probing for LB-Link and Vinga WR-AC1200 routers CVE-2023-24796, (Thu, May 2nd) May 2, 2024
Stop the CNAME chain struggle: Simplified management with Route 53 Resolver DNS Firewall May 1, 2024
Linux Trojan – Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) April 30, 2024
Add your Ruby gems to AWS CodeArtifact April 30, 2024
Another Day, Another NAS: Attacks against Zyxel NAS326 devices CVE-2023-4473, CVE-2023-4474, (Tue, Apr 30th) April 30, 2024

Archives

Iron Castle System info@ironcastle.net Proudly powered by WordPress Theme - twentyfourteen

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage {vendor_count} vendors Read more about these purposes

View preferences

{title} {title} {title}