Category: Engine

Cerbero Suite 7.1 Release

πŸš€ We’re elated to announce the rollout of Cerbero Suite 7.1 and Cerbero Engine 4.1! In this post, we’ll explore the most important new features that this release introduces.

File Info Workspace

The spotlight feature of this release is undoubtedly the file info view. This versatile view provides you with a detailed list of a file’s properties and an array of other valuable information.

What makes this particularly useful is the introduction of an additional workspace in Cerbero Suite. This new workspace leverages the file info view and can be accessed via the shell context menu, giving you immediate access to essential file details and its content.

Continue reading “Cerbero Suite 7.1 Release”

Cerbero Suite 7 Release

πŸš€ Big News! We’re thrilled to announce the launch of Cerbero Suite 7 and Cerbero Engine 4. In this post we’ll dive into the arsenal of enhanced features, refined interfaces, and cutting-edge capabilities designed to provide unparalleled insights into the most enigmatic malware threats.

πŸ” What’s New in 7.0?

  • Unified Editions: We have simplified our offering by unifying the editions of Cerbero Suite, thereby removing the distinction between the Standard and Advanced editions.
  • Simplified Renewal Process: From the inception of version 7’s life-cycle, every license purchased will be valid for 1 year, irrespective of the purchase date, and will encompass updates to any major new versions within that year-long period.
  • New Features: A fast text view with syntax highlighting, optimized for previewing large files, and a new interface to display file system structures are just two of the features we’ve added.
  • Redesigned UI: Navigate through a more intuitive, responsive, and streamlined user interface, enhancing your analytical workflows.
  • Python Workspace: Use our improved Python Workspace to edit your scripts with the help of auto-completion.
  • Cerbero Store: A refined interface to navigate and install packages.

πŸ›‘οΈ Stay Up-To-Date Against Threats
Through the packages offered on Cerbero Store, we remain committed to delivering the fastest updates to counter the latest threats.

πŸ“° Cerbero Journal Reader
Beginning with this release of Cerbero Suite, our customers will enjoy a 3-month early access to Cerbero Journal, our company’s e-zine.

πŸ’΅ Launch Promotion
Secure your copy within the first 14 days and enjoy an exclusive launch discount!

Continue reading “Cerbero Suite 7 Release”

Cerbero Suite 6.2 and Cerbero Engine 3.2 are out!

We recently released three commercial packages: OneNote Format, Simple Batch Emulator and PowerShell Beautifier.

In this release we moved a number of features to optional packages so that we can more rapidly update them. Cerbero Store now has the following additional packages:

– JavaScript Beautifier (all licenses)
– EML Format (all advanced licenses)
– Torrent Format (all advanced licenses)
– ShellcodeToExecutable (all advanced licenses)
– Tor Downloader (all advanced licenses)
– Python Snippets (all licenses)

We have also reached another important milestone in the SDK documentation process, as it now features the complete guide on how to create plugins and extensions for Cerbero Suite and Cerbero Engine.

We also improved syntax highlighting and fixed various bugs.

Simple Batch Emulator Package

To help in the analysis of malware which uses Windows batch scripts we just released a package on Cerbero Store called “Simple Batch Emulator”. The name of the package is self-explanatory as it provides a basic emulator for batch scripts. The package is available to all commercial licenses of Cerbero Suite Advanced.

The following is a malicious OneNote document. All embedded files are automatically extracted thanks to the “OneNote Format” package.

Two of the embedded files are batch scripts. We can execute the action to emulate the obfuscated batch code.

Continue reading “Simple Batch Emulator Package”

OneNote Format Support

Microsoft OneNote is rising in popularity as a vector for malware. Therefore, all commercial licenses of Cerbero Suite can now download our “OneNote Format” package from Cerbero Store which parses the OneNote format and extracts embedded files.

Installing the package from Cerbero Store takes only a few mouse clicks.

Once the package is installed, you can directly inspect OneNote documents in Cerbero Suite and all embedded files are automatically extracted and ready to be inspected.

Continue reading “OneNote Format Support”

Cerbero Suite 6.1 and Cerbero Engine 3.1 are out!

We’re happy to announce the release of Cerbero Suite 6.1 and Cerbero Engine 3.1!

This release contains many improvements to our PDF support.

New JBIG2 Library

Our PDF support has been featuring the capability to decode JBIG2 streams for many years.

JBIG2 is an imperative file format which has been demonstrated can be Turing complete. In fact, one of the most sophisticated exploits has been created exploiting a JBIG2 library in iOS. The exploit mentioned in the article creates over 70,000 segments to create a small virtual machine in logical operations defined by JBIG2.

In a recent release we made our already hardened JBIG2 decoding support even more secure by relegating it to a different process and constraining it to a time threshold.

This release features a completely rewritten JBIG2 library. Not only is it faster than the previous one, but it also has constraints on allocation and processing time by default. Therefore, now the library is being run again in the same process and it’s even faster than before.

For the customers of our engine: it is still possible to use the old JBIG2 library:

pdf.SetJBIG2LibraryVersion(1)

By default version 2 (the new library) is used.

Continue reading “Cerbero Suite 6.1 and Cerbero Engine 3.1 are out!”