Japan CERT has uncovered a novel attack technique named ‘MalDoc in PDF’ that involves embedding a malicious Word file into a PDF document to evade detection. While the file appears as a PDF, it can be opened in Word and execute malicious macros. JPCERT has shared detection details and a Yara rule in its report.
