Please note that this blogpost is part of our #VTMondays series; check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams. Threat actors use domains for different malicious…
Category: VirusTotal Blog
Sigma rules for Linux and MacOS
TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. Unfortunately, at…
Protecting the perimeter with VT Intelligence – malicious URLs
Please note that this blogpost is part of our #VTMondays series; check out our collection of past publications here. One of the main attack vectors attackers use for credential theft and malware deployment is malicious link-based attacks leveraging impersonated websites…
VTMondays
Welcome to VTMondays! A weekly series of bite-sized educational pills exploring the use of VirusTotal in real-world scenarios. Here’s what you’ll get: Short lessons: VTMondays are packed with valuable info in under a 5-minute read. Real-world scenarios: We’re not talking…
Protecting the perimeter with VT Intelligence – Email security
Please note that this blogpost is part of our #VTMondays series; check out our collection of past publications here. One of the most common attack vectors to gain access to your network is through phishing emails with attachments containing malware,…
How AI is shaping malware analysis
We just released our “Empowering Defenders: How AI is shaping malware analysis” report, where we want to share VirusTotal’s visibility to help researchers, security practitioners and the general public better understand the nature of malicious attacks, this time focusing on…
Actionable Threat Intel (VI) – A day in a Threat Hunter’s life
Kaspersky’s CTI analysts recently released their Asian APT groups report, including details on behavior by different adversaries. Following our series on making third-party intelligence actionable using VirusTotal Intelligence, we have put on our threat hunter’s hat to find samples and…
The definitive VirusTotal’s admin guide
VirusTotal administrators’ tasks are key for the good health of the groups they manage. Unfortunately, the best way to do a given task is not always clear. But we heard our beloved community, and we created the definitive…
Unifying threat context with VirusTotal connectors
In an age where cyber threats continue to grow in sophistication and frequency, the pursuit of a unified threat contextualization platform is no longer a mere convenience but an absolute necessity. When faced with an unfamiliar file, hash, domain, IP…
It’s all about the structure! Creating YARA rules by clicking
Since we made our (extended) vt module available for LiveHunt YARA rules, we understand it is not easy for analysts to keep in mind all the new possibilities – too many of them! Our goal is to make YARA…