sanjaymenon, 25 days ago to infosec

"YARA is dead, long live YARA-X!" 🎉

After 15 years, YARA gets a full rewrite in Rust, bringing enhanced performance, security, and user experience.

#infosec #security #virustotal #yara
https://blog.virustotal.com/2024/05/yara-is-dead-long-live-yara-x.html

linuxmagazine, 1 month ago to security

From last week's Linux Update: Franciszek Pokryszko explores Linux tools you can use to analyze malware without triggering an attack https://www.linux-magazine.com/Issues/2024/280/Malware-Analysis
#security #malware #tools #Linux #OpenSource #REMnux #SIFT #FOSS #sha256sum #VirusTotal #TrID #ExifTool #XLMMacroDeobfuscator

infosec_jcp, 6 months ago to random

#datapacket host breached #System call logged ☣️🐰☣️🐰☣️🐇☣️

FQDN: 143-244-49-180.bunnyinfra.net

@jerry - let your upstream data hosting provider, bunny.net, know.

Following up.... Ahh.. a reported compromised host from 11 months ago... 🐇☣️🐰☣️🐇☣️🐰☣️

Still compromised by #GammaGroup btw

#VirusTotal
https://www.virustotal.com/graph/embed/g3e1e230061f04448956657b84c7538cdfb1d21b6e7b34a76a6e31f8656710583

#datapacket host breached #System call logged ☣️🐰☣️🐰☣️🐇☣️ FQDN: 143-244-49-180.bunnyinfra.net @jerry Following up.... Ahh.. a reported compromised host from 11 months ago... 🐇☣️🐰☣️🐇☣️🐰☣️ Still compromised by #GammaGroup btw #VirusTotal https://www.virustotal.com/graph/embed/g3e1e230061f04448956657b84c7538cdfb1d21b6e7b34a76a6e31f8656710583

vikinghoarder, 7 months ago to intel

Where do you publish your found IOCs when you find a new malware sample and analyze it?

#ioc #malware #malwareanalysis #threatintel #intel #yara #otx #virustotal

limebar, 8 months ago to security

Do you know about VirusTotal?

https://www.virustotal.com/gui/home/upload

Upload a file, it will scan for viruses using dozens of scanners, and including running in a few VMs to test install, execution (behavior tab), networking (relations tab), and give a report.

Uses a hash to quickly lookup reports if anyone has done this before with your file (fast).

#security #virus #scan #virusTotal

frehi, 9 months ago to security

Yesterday the news broke that a trojanized version of #freedownloadmanager was being distributed. https://securelist.com/backdoored-free-download-manager-linux-malware/110465/

1 day later:

• no single anti virus vendor (besides #Kasperksy) added detection https://www.virustotal.com/gui/file/b77f63f14d0b2bde3f4f62f4323aad87194da11d71c117a487e18ff3f2cd468d/detection
• Both 1.1.1.2 and 9.9.9.9 malware filtering DNS servers still resolve the domain
• Only a handful of security vendors flag the domain as malicious https://www.virustotal.com/gui/domain/deb.fdmpkg.org/detection

Even though this is not widespread, this is disappointing.

#security #malware #linux #virustotal

alternativeto, 10 months ago to random

Google-owned malware detection service, #VirusTotal, has suffered a data leak, exposing the names and email addresses of 5,600 registered users, including employees from international intelligence agencies.
https://alternativeto.net/news/2023/7/virustotal-leak-exposes-data-of-5-600-users-including-international-intelligence-agencies/

dansup, 1 year ago to random

Added a userland Antivirus implementation to detect malicious zips before handling them, for Instagram Import. No deps required 😉

Based on ClamAV and other signatures, using phpMussel!

jerry, 1 year ago to random

I have some bad news everyone: the fediverse isn’t working out. Guess we should pack it up and move back to Facebook.
https://www.wired.com/story/the-hidden-dangers-of-the-decentralized-web/

5am, 1 year ago to random

This is a great look at how #defenders should not rely solely on tools like #VirusTotal, and instead should take time to consider potential code #obfuscation, redirection etc. which can lead to false negatives. https://medium.com/maverislabs/virustotal-is-not-an-incident-responder-80a6bb687eb9 #malware #analysis #blueteam #cybersecurity

infosec_jcp, 1 year ago to infosec

@jerry

#InfosecExchange New UI/ UX Host Front end IP 05-05-2023 #infosec

Infosec.Exchange - New Host - UI/UX :
¹ static.213-239-195-19.clients.your-server.de

#VirusTotal
https://www.virustotal.com/graph/embed/g4ee7407a5daa4e069bc4dd73f4d99c9fbde6cb6bfea6419c9f88515dbe671356

Infosec.Exchange - New Host - UI/UX :
² static.252.84.76.144.clients.your-server.de

#VirusTotal
https://www.virustotal.com/graph/embed/g2425387f882a4213944effcd805d55c387455682904849fd940165a558c67137