PDF and Flash files under threat from cryptic code
PDF and Flash files are under attack by criminals using code obfuscation' and the latest Web 2.0 techniques, according to a report by Finjan.
The new report claimed that malicious obfuscated code' - meaning source code or intermediate code which is very hard to read or understand - has now evolved into a serious threat.
Ben-Itzhak said this offered crimeware authors ways to inject malicious code into rich-content files used by ads and user-generated content for Web 2.0 websites.
Obfuscated code has been around a while; it has been reportedly been used since 2005 as a weapon for propagating malicious code. It was able to bypass the traditional signature-based solutions which had been used by security vendors.
Finjan claimed code obfuscation utilities and other encoding methods allowed cybercriminals to plant invisible' malicious code, which infected a user's machine every time they visited the malicious site.
Last year IT PRO looked at the threat provided by dynamic code obfuscation'.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now