Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
MALICIOUS PDF
2010-09-26	Daniel Wesemann	PDF analysis paper
2010-04-08	Bojan Zdrnja	JavaScript obfuscation in PDF: Sky is the limit
MALICIOUS
2023-06-24/a>	Guy Bruneau	Email Spam with Attachment Modiloader
2018-09-20/a>	Xavier Mertens	Hunting for Suspicious Processes with OSSEC
2018-06-18/a>	Xavier Mertens	Malicious JavaScript Targeting Mobile Browsers
2018-06-05/a>	Xavier Mertens	Malicious Post-Exploitation Batch File
2018-03-05/a>	Xavier Mertens	Malicious Bash Script with Multiple Features
2017-10-27/a>	Renato Marinho	"Catch-All" Google Chrome Malicious Extension Steals All Posted Data
2017-09-18/a>	Xavier Mertens	Getting some intelligence from malspam
2017-08-29/a>	Renato Marinho	Second Google Chrome Extension Banker Malware in Two Weeks
2017-03-04/a>	Xavier Mertens	How your pictures may affect your website reputation
2016-11-16/a>	Xavier Mertens	Example of Getting Analysts & Researchers Away
2010-12-01/a>	Deborah Hale	A Gentle Reminder - It is that time of year again
2010-11-02/a>	Johannes Ullrich	Limited Malicious Search Engine Poisoning for Election
2010-09-26/a>	Daniel Wesemann	PDF analysis paper
2010-04-08/a>	Bojan Zdrnja	JavaScript obfuscation in PDF: Sky is the limit
2009-05-27/a>	donald smith	Host file black lists
PDF
2023-09-03/a>	Didier Stevens	Analysis of a Defective Phishing PDF
2023-04-12/a>	Brad Duncan	Recent IcedID (Bokbot) activity
2022-07-29/a>	Johannes Ullrich	PDF Analysis Intro and OpenActions Entries
2022-07-18/a>	Didier Stevens	Adding Your Own Keywords To My PDF Tools
2022-05-07/a>	Guy Bruneau	Phishing PDF Received in my ISC Mailbox
2022-04-25/a>	Xavier Mertens	Simple PDF Linking to Malicious Content
2020-05-02/a>	Guy Bruneau	Phishing PDF with Unusual Hostname
2020-03-14/a>	Didier Stevens	Phishing PDF With Incremental Updates.
2019-09-22/a>	Didier Stevens	Video: Encrypted Sextortion PDFs
2019-09-16/a>	Didier Stevens	Encrypted Sextortion PDFs
2019-04-01/a>	Didier Stevens	Analysis of PDFs Created with OpenOffice/LibreOffice
2019-02-14/a>	Xavier Mertens	Suspicious PDF Connecting to a Remote SMB Share
2018-08-12/a>	Didier Stevens	A URL shortener handy for phishers
2018-01-02/a>	Didier Stevens	PDF documents & URLs: video
2017-12-24/a>	Didier Stevens	PDF documents & URLs: update
2017-12-23/a>	Didier Stevens	Encrypted PDFs
2017-11-05/a>	Didier Stevens	Extracting the text from PDF documents
2017-11-04/a>	Didier Stevens	PDF documents & URLs
2017-04-23/a>	Didier Stevens	Malicious Documents: A Bit Of News
2016-01-01/a>	Didier Stevens	Failure Is An Option
2015-09-19/a>	Didier Stevens	Don't launch that file Adobe Reader!
2015-08-28/a>	Didier Stevens	Test File: PDF With Embedded DOC Dropping EICAR
2015-08-26/a>	Didier Stevens	PDF + maldoc1 = maldoc2
2015-04-19/a>	Didier Stevens	Handling Special PDF Compression Methods
2013-02-17/a>	Guy Bruneau	Adobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>	Swa Frantzen	More adobe reader and acrobat (PDF) trouble
2011-07-10/a>	Raul Siles	Jailbreakme Takes Advantage of 0-day PDF Vuln in Apple iOS Devices
2011-03-29/a>	Daniel Wesemann	Malware emails with fake cellphone invoice
2011-03-09/a>	Kevin Shortt	AVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-01-13/a>	Rob VandenBrink	Blackberry BES Server Updates for PDF Vulnerabilities
2010-12-15/a>	Manuel Humberto Santander Pelaez	Vulnerability in the PDF distiller of the BlackBerry Attachment Service
2010-09-26/a>	Daniel Wesemann	PDF analysis paper
2010-09-02/a>	Daniel Wesemann	SDF, please!
2010-08-22/a>	Manuel Humberto Santander Pelaez	Anatomy of a PDF exploit
2010-08-06/a>	Rob VandenBrink	FOXIT PDF Reader update to resolve iPhone/iPad Jailbreak issue ==> http://www.foxitsoftware.com/announcements/2010861227.html
2010-08-05/a>	Manuel Humberto Santander Pelaez	Adobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-04/a>	Manuel Humberto Santander Pelaez	Malware inside PDF Files
2010-06-09/a>	Deborah Hale	Best Practice to Prevent PDF Attacks
2010-04-22/a>	John Bambenek	Data Redaction: You're Doing it Wrong
2010-04-08/a>	Bojan Zdrnja	JavaScript obfuscation in PDF: Sky is the limit
2010-03-31/a>	Johannes Ullrich	PDF Arbitrary Code Execution - vulnerable by design.
2010-01-15/a>	Kevin Liston	Clearing some things up about Adobe
2010-01-14/a>	Bojan Zdrnja	PDF Babushka
2010-01-05/a>	Guy Bruneau	New poll on handling PDF documents
2010-01-04/a>	Bojan Zdrnja	Sophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
2009-12-15/a>	Johannes Ullrich	Adobe 0-day in the wild - again
2009-12-01/a>	Chris Carboni	Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service
2009-05-29/a>	Lorna Hutcheson	Blackberry Server Vulnerability
2009-05-24/a>	Raul Siles	Analyzing malicious PDF documents
2009-03-18/a>	Adrien de Beaupre	Adobe Security Bulletin Adobe Reader and Acrobat
2009-02-25/a>	Andre Ludwig	Preview/Iphone/Linux pdf issues
2009-02-25/a>	Andre Ludwig	Adobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-11-11/a>	Swa Frantzen	Acrobat continued activity in the wild
2008-11-10/a>	Stephen Hall	Adobe Reader Vulnerability - part 2
2008-09-03/a>	Daniel Wesemann	Static analysis of Shellcode
2008-07-15/a>	Maarten Van Horenbeeck	Extracting scripts and data from suspect PDF files
2008-04-24/a>	Maarten Van Horenbeeck	Targeted attacks using malicious PDF files

MALICIOUS PDF

MALICIOUS

PDF