0 votes
17 views
What is Testing Weaponized Documents and Malicious Scripts?
in Technology by (185k points)

1 Answer

0 votes
Testing Weaponized Documents and Malicious Scripts
Testing Weaponized Documents and Malicious Scripts

There are various approaches to detecting weaponized documents.

Approaches to detecting weaponized documents:

  • Heuristics that evaluate the macros or Visual Basic Scripts in the document, as part of static analysis by using a file scanner.

  • Behavior monitoring of the file being executed in a sandbox or emulator.

  • Lockdown tools that prevent the use of PowerShell WScript, CScript, and so on.

  • Context-aware run time behavior monitoring, that can detect a malicious combination of activity, like a when a word document from an email is opened, it runs WScript or PowerShell to download and install another executable.

However, while testing, it is important to understand how the attack was blocked, as much as finding out if the attack was blocked.

by (185k points)

Related questions

0 votes
1 answer 15 views
0 votes
1 answer 14 views
14 views asked Oct 24, 2020 in Technology by JackTerrance (185k points)
0 votes
1 answer 28 views
0 votes
1 answer 16 views
0 votes
1 answer 34 views
0 votes
1 answer 15 views
0 votes
1 answer 20 views
0 votes
1 answer 12 views
12 views asked Nov 26, 2020 in Technology by Editorial Staff (48.2k points)
0 votes
1 answer 38 views
38 views asked Oct 29, 2020 in Technology by JackTerrance (185k points)
0 votes
1 answer 14 views
14 views asked Oct 28, 2020 in Technology by JackTerrance (185k points)
0 votes
1 answer 218 views
...