Category: VirusTotal Blog

We are pleased to announce the partnership with The SOC Academy, a new startup dedicated to providing cybersecurity education, debuting with a VirusTotal Certification course. Founded by Laura, a passionate entrepreneur and especially a cybersecurity enthusiast, The SOC Academy aims…

Read more →

VirusTotal’s Threat Landscape can be a valuable source of operational and tactical threat intelligence for CTI teams, for instance helping us find the latest malware trends used by a given Threat Actor to adjust our intelligence-led security posture accordingly. In…

Read more →

The COM Hijacking technique is often utilized by threat actors and various malware families to achieve both persistence and privilege escalation in target systems. It relies on manipulating Component Object Model (COM), exploiting the core architecture of Windows that enables…

Read more →

The MITRE framework helps all defenders speak the same language regarding attackers’ modus operandi. VirusTotal provides multiple data points where MITRE’s Tactics and Techniques are dynamically extracted from samples when detonated in our sandboxes. In particular, samples’ MITRE mapping can…

Read more →

The MITRE framework helps all defenders speak the same language regarding attackers’ modus operandi. VirusTotal provides multiple data points where MITRE’s Tactics and Techniques are dynamically extracted from samples when detonated in our sandboxes. In particular, samples’ MITRE mapping can…

Read more →

The MITRE framework helps all defenders speak the same language regarding attackers’ modus operandi. VirusTotal provides multiple data points where MITRE’s Tactics and Techniques are dynamically extracted from samples when detonated in our sandboxes. In particular, samples’ MITRE mapping can…

Read more →

Today we are happy to announce the release of our “Livehunt Cheat Sheet”, a guide to help you quickly implement monitoring rules in Livehunt. You can find the PDF version here. VirusTotal Livehunt is a service that continuously scans all…

Read more →

In the constantly changing world of cybersecurity, generative AI is becoming an increasingly valuable tool. This blog post shows various examples that elude traditional detection engines yet are adeptly unveiled by Code Insight. We explore diverse scenarios, ranging from firmware…

Read more →

Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. VT Intelligence can be a powerful tool for monitoring malware trends, enhancing your detection capabilities and enabling proactive defense against evolving…

Read more →

Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for different malicious…

Read more →

TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. Unfortunately, at…

Read more →

Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. One of the main attacking vectors attackers use for credential theft and malware deployment are malicious link-based attacks leveraging impersonated websites…

Read more →

Welcome to VTMondays! A weekly series of bite-sized educational pills exploring the use of VirusTotal in real-world scenarios. Here’s what you’ll get: Short lessons: VTMondays are packed with valuable info in under 5 minutes read. Real-world scenarios: We’re not talking…

Read more →

Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. One of the most common attack vectors to gain access to your network is through phishing emails with attachments containing malware,…

Read more →

We just released our “Empowering Defenders: How AI is shaping malware analysis” report, where we want to share VirusTotal’s visibility to help researchers, security practitioners and the general public better understand the nature of malicious attacks, this time focusing on…

Read more →

Kaspersky’s CTI analysts recently released their Asian APT groups report, including details on behavior by different adversaries. Following our series on making third-party intelligence actionable using VirusTotal Intelligence, we have put on our threat hunter’s hat to find samples and…

Read more →

VirusTotal administrators’ tasks are key for the good health of the groups they manage. Unfortunately it is not always clear the best way to do this or that task. But we heard our beloved community, and we created the definitive…

Read more →

In an age where cyber threats continue to grow in sophistication and frequency, the pursuit of a unified threat contextualization platform is no longer a mere convenience but an absolute necessity. When faced with an unfamiliar file, hash, domain, IP…

Read more →