Tag: VirusTotal Blog

Leveraging adversarial data for security control validation

Nowadays defenders have at their disposal a large amount of data describing how attackers proceed in their malicious campaigns, including TTPs (Tactics, Techniques and Procedures) and the artefacts used. Threat…

VirusTotal Multisandbox += Sangfor ZSand

The VirusTotal multisandbox project welcomes Sangfor ZSand. ZSand currently focuses on PE files, with extensions to other popular file types such as JavaScript and Microsoft Office to be released soon. In their own…

VirusTotal += BitDefender Falx

We welcome the BitDefender Falx scanner to VirusTotal. This engine is specialized in Android and reinforces the participation of Bitdefender, which already had two engines in our service, their multi-platform scanner (BitDefender)…

Using similarity to expand context and map out threat campaigns

TL;DR: VirusTotal allows you to search for similar files according to different orthogonal notions (structure, visual layout, icons, execution behaviour, etc.). File similarity can be combined…

Why is similarity so relevant when investigating attacks

The concept of similarity is pretty straightforward: are two files similar? There are many ways to figure it out. That's why different similarity algorithms exist. Now, why is…

Keep your friends close; keep ransomware closer

"How to avoid being a ransomware victim?" is one of the main questions every single company and organization asks itself every day. Unfortunately there is no silver bullet against…

VirusTotal += Gridinsoft

We welcome the Gridinsoft engine to VirusTotal. In the words of the company: "Gridinsoft provides an autonomous multi-layered malware detection engine based on a powerful malware-analyzing laboratory. We combine the most relevant file…

Tracing fresh Ryuk campaigns itw

Ryuk is one of the most dangerous ransomware families. It is (allegedly) run by a specialized cybercrime actor that during the last 2 years has mainly focused on targeting enterprise environments. The…

VirusTotal += Cynet

We welcome the Cynet engine to VirusTotal. In the words of the company: "Cynet 360 is an autonomous breach protection platform that includes multi-layered anti malware capabilities including AI-based static analysis, process behavior…

I did not know you could do X, Y, Z with VirusTotal

TL;DR: VirusTotal is hosting an EMEA webinar on June 4th showcasing our advanced threat enrichment and threat hunting capabilities; register for the webinar, it…

Official VirusTotal Plugin for IDA Pro 7

ATTENTION: In order to use the content search functionality you will need to have access to VT Intelligence. If you want to jump straight ahead and install the plugin,…

VirusTotal MultiSandbox += QiAnXin RedDrip

VirusTotal would like to welcome QiAnXin RedDrip to the multi-sandbox project! QiAnXin is now sending execution behavior reports to the VirusTotal ecosystem for a wide variety of file types. In their…

Uncovering threat infrastructure via URL, domain and IP address advanced pivots a.k.a. Netloc Intelligence

Quick links:
https://support.virustotal.com/hc/en-us/articles/360001387057
https://developers.virustotal.com/v3.0/reference#intelligence-search
https://github.com/VirusTotal/vt-py

Ten years ago, VirusTotal launched VT Intelligence, a critical component of VT Enterprise which offers users the capability to search…

VirusTotal MultiSandbox += BitDam ATP

VirusTotal would like to welcome BitDam to the multi-sandbox project! In their own words: BitDam Advanced Threat Protection (ATP) is a cloud-based engine that proactively detects threats, pre-delivery, preventing hardware and logical exploits, ransomware, spear-phishing and zero-day attacks contained in…

VirusTotal Graph++

Just 2 years ago we launched the first version of VirusTotal Graph. The goal was to provide a tool which understands the relationship between files, URLs, domains and IP addresses, and an easy interface to pivot and navigate over them.…