Blog Tag: Data-Sanitization

Data Sanitization against Steganography, Evasion

November 06, 2018 by Taeil Goh
We have warned about the risk of steganography in the previous blog. Steganography is the method of concealing messages, images, videos or malware within a file or a message. We have now observed steganography in actual attacks*. Just...

Defending Against SettingContent-MS being used in MS Office and PDF Files

July 31, 2018 by Taeil Goh
Summary SettingContent-ms is an XML file that allows users to create a shortcut to Windows 10 setting pages. Recently a serious vulnerability was published by Matt Nelson, a researcher at SpecterOps. Only a week after his report, it...

Fighting Attacks Using CAD application files

July 09, 2018 by Taeil Goh
OPSWAT Data Sanitization (Content Disarm and Reconstruction) focuses on the application file (e.g., Microsoft Office document) to keep it from being used as a delivery method for unknown threats (e.g., zero-day threats). We categorize...

OPSWAT MetaDefender Protects Against Offensive Zero-Day Capabilities

March 24, 2018 by Jianpeng Mo
Zero-day attacks are no longer limited to hacker groups and companies; governments have been exploring the use of offensive zero-day capabilities. In fact, state actors, including the U.S., are some of the biggest customers for new...

Disarming a Multi-Stage Macro-Less Word Attack with Data Sanitization

March 05, 2018 by Taeil Goh
In November 2017, we published a blog post about how OPSWAT data sanitization (CDR) blocks macro-less attacks that use Microsoft Word documents. Recently, Trustwave published an article describing another...