The science and art of detecting zero-day phishing and malware campaigns depends on leveraging our knowledge of previous threats. Establishing digital fingerprints, called “fuzzy hashes,” is one way that security teams can identify similarities between novel files and confirmed threats. ssdeep is a software program that creates fuzzy hashes, which can be used to identify similar content in files by finding patterns in code. Even when a file is changed, some of its code may remain consistent, providing clues to detect malware. While the use of ssdeep in detecting malware is well-established, effectively utilizing it to detect novel malware threats requires the use of […]
The post Enhancing Phishing and Malware Detection with ssdeep Fuzzy Hashing appeared first on Check Point Blog.