Introduction
We know malware doesn’t take a day off, but we hope you will enjoy the winter holiday season. Welcome back, and let’s start the new year with another awesome release of VMRay Analyzer.
The first news is improving our release versioning convention. The release name now reflects a chronological timeline to avoid confusion with major and minor versions. Following our quarterly release cycle, the first release of this year is 2023.1.0; the consecutive will be 2023.2.0, 2023.3.0 and 2023.4.0. Our Cloud customers only need to check the highlights of the released features as we do the update for you. Our On Premises customers will benefit from always installing the latest release.
Let’s dive into our latest achievements of the 2023.1.0 release:
- Sharing our analysis of public threats
- Refining features of the IR Mailbox
- Keeping up to date with the threat landscape
Say hello to an old friend:
VMRay Public Threat Feed
At VMRay, we perform thousands of public malware analyses daily, as investigating public threats has been on our radar for years. Our labs team constantly improves and contributes to the security community by analyzing and commenting on public samples from Virustotal and MalwareBazaar.
Monitoring the threat landscape has been present in our ecosystem for a long time. Publicly accessible reports of the samples we analyzed and commented on have been, so far, only available in the VMRay Public Threat Feed hosted on our web page.
In this release, we decided to integrate it into our core product. With this simple yet powerful feed, you stay up-to-date on public malware analyzed with the VMRay Analyzer when using the Console. This innovative feature aims at increasing the visibility of the surrounding malware.
Check up VMRay Public Threat Feed and don’t hesitate to share your feedback during our service review calls.
IR Mailbox
Emails with Password Protected Attachments
Security Email Gateway is a tricky subject, as in some cases, even with advanced protection mechanisms, malware can enter the network without being detected.
We keep improving VMRay’s capabilities to help our customers automate user-reported phishing scenarios. One of the most significant achievements in this field is a refined password extraction mechanism.
Now, when you submit an email containing a password-protected object to VMRay via the IR Mailbox, the password is automatically extracted from the email body or subject. Then, the samples inside can go through all Static and Dynamic Analysis stages.
Supported file types include encrypted PDFs, Office documents (.doc, .docx, .xls, .xlsx, .ppt, .pptx.), archives, RARs and 7Zs. You can find the extracted passwords in the Analyses > Files tab.
Reactions to the Latest Trends in the Threat Landscape
We at VMRay are committed to constantly reacting to new trends in threat landscape. We deploy that regularly for our On Premises customers, but now it’s time to speak about it.
The 2023.1.0 release brings support for the new Chrome browser version 106 and Windows 10 2004 H1 versions. Supporting new system and browser versions is essential for the security domain as we want to be ready for the existing threats and those targeted for the latest versions. That’s why it is important for us to apply continuous improvement to our core technologies.
Additionally, we upgraded config extraction output to the latest version of the MWCP framework (3.8), the open-source config format we use to present our extracted configurations.
Final Thoughts
To wrap up, staying up-to-date is a big deal for the security domain.
With this release, we focus on making you aware of the public threats and keeping our core technologies the latest. We also hope you’ll enjoy using the IR Mailbox and make the email world more secure with a password extraction mechanism.
The new year will bring more interesting news, and we expect 2023 to reveal a long-awaited feature announcement.