I published the following diary on isc.sans.edu: “Custom Python RAT Builder”:
This week I already wrote a diary about “code reuse” in the malware landscape, but attackers also have plenty of tools to generate new samples on the fly. When you receive a malicious Word document, it has not been prepared by hand; it has certainly been generated automatically, unless you are a “nice” target for attackers and the victim of some kind of “APT”. The keyword here is “automation”. If defenders try to automate as much as possible, attackers too… [Read more]