Category: CyberPedia

  • A new open-source tool called PDF Object Hashing is designed to detect malicious PDFs by analyzing their structural “fingerprints.” Released by Proofpoint, the tool empowers security teams to create robust threat detection rules based on unique object characteristics in PDF files. This innovation addresses the growing reliance of threat actors on PDFs for delivering malware, […] The post New PDF Tool to Detect Malicious PDF Using PDF Object Hashing Technique appeared first on Cyber Security News.

  • An open-source tool called RealBlindingEDR enables attackers to blind, permanently disable, or terminate antivirus (AV) and endpoint detection and response (EDR) software by clearing critical kernel callbacks on Windows systems. Released on GitHub in late 2023, the utility leverages signed drivers for arbitrary memory read and write operations, bypassing protections like PatchGuard to target six […] The post RealBlindingEDR Tool That kills or Permanently Turn off AV/EDR Using Kernel Callbacks appeared first on Cyber Security News.

  • Clicking on a malicious link can quickly turn your device into a security risk. Just seconds after clicking, your browser might start downloading malware, taking advantage of weaknesses, or sending you to fake websites that try to steal your personal information. The crucial moments following this action determine whether you’ll successfully contain the threat or […] The post 5 Immediate Steps to be Followed After Clicking on a Malicious Link appeared first on Cyber Security News.

  • Along with the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the llm-tools-nmap. A new experimental plugin, llm-tools-nmap, has been released, providing Simon Willison’s command-line Large Language Model (LLM) tool with network scanning capabilities. This package integrates the powerful and widely used Nmap security scanner, enabling […] The post New Kali Tool llm-tools-nmap Uses Nmap For Network Scanning Capabilities appeared first on Cyber Security News.

  • Forensic-Timeliner, a Windows forensic tool for DFIR investigators, has released version 2.2, which offers enhanced automation and improved artifact support for digital forensics and incident response operations. This high-speed processing engine consolidates CSV output from leading triage utilities into a unified timeline, empowering analysts to reconstruct event sequences and identify key indicators of compromise rapidly. […] The post Forensic-Timeliner – Windows Forensic Tool for DFIR Investigators appeared first on Cyber Security News.

  • AmCache plays a vital role in identifying malicious activities in Windows systems. This tool allows the identification of both benign and malicious software execution on a machine. Managed by the operating system and virtually tamper-proof, AmCache data endures even when malware auto-deletes itself, making it indispensable in incident response. AmCache stores SHA-1 hashes of executed […] The post New AmCache EvilHunter Tool For Detecting Malicious Activities in Windows Systems appeared first on Cyber Security News.

  • The cybersecurity landscape has witnessed a dramatic evolution in attack methodologies, with fileless malware emerging as one of the most sophisticated and dangerous threats facing organizations today. Unlike traditional malware that relies on executable files stored on disk, fileless attacks operate exclusively in memory, leveraging legitimate system tools to achieve their malicious objectives while remaining […] The post How Fileless Malware Differs From Traditional Malware Attacks appeared first on Cyber Security News.

  • A new proof-of-concept (PoC) tool named Obex has been released, offering a method to prevent Endpoint Detection and Response (EDR) and other monitoring solutions’ dynamic-link libraries (DLLs) from loading into processes. The tool, created by a researcher known as “dis0rder0x00,” is designed to block specified DLLs both during the initial startup of a process and […] The post New Obex Tool Blocks EDR Dynamic Libraries From Loading at Runtime appeared first on Cyber Security News.

  • Security Operations Centers (SOCs) protect organizations’ digital assets from ongoing cyber threats. To assess their effectiveness, SOCs use key performance indicators (KPIs) such as Mean Time to Detect (MTTD) and False Positive Rate (FPR). Although these metrics are often seen as separate, they are closely interconnected; improving one can directly enhance the other. By integrating […] The post How SOC Teams Detect Can Detect Cyber Threats Quickly Using Threat Intelligence Feeds appeared first on Cyber Security News.

  • As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated payloads embedded within SVG assets. The SVG Security Analysis Toolkit by HackingLZ offers a comprehensive solution: a suite of four Python-based tools designed to reveal hidden scripts, decode obfuscated URLs, and verify protection mechanisms, all […] The post SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files appeared first on Cyber Security News.
