Kaspersky Lab has released the source code of an internally developed distributed YARA scanner as a way of giving back to the infosec community.
Originally developed by VirusTotal software engineer Victor Alvarez, YARA is a tool that allows researchers to analyze and detect malware by creating rules that describe threats based on textual or binary patterns.
Kaspersky Lab has developed its own version of the YARA tool. Named KLara, the Python-based application relies on a distributed architecture to allow researchers to quickly scan large collections of malware samples.
Looking for potential threats in the wild requires …
Via: Security Week