YARA-X 1.0.0: The Stable Release and Its Advantages
Audio version of this post, created with NotebookLM Deep Dive Your browser does not support the audio element. Short note for everyone who already lives and breathes YARA: Victor (aka plusvic) just launched YARA-X 1.0.0. Full details: https://virustotal.github.io/yara-x/blog/yara-x-is-stable/ What changes for you Area YARA 4.x YARA-X Engine C/C++, manual memory Rust, memory-safe Rule compatibility – […] more…
What 17,845 GitHub Repos Taught Us About Malicious MCP Servers
Audio version of this post, created with NotebookLM Deep Dive Your browser does not support the audio element. Spoiler: VirusTotal Code Insight’s preliminary audit flagged nearly 8% of MCP (Model Context Protocol) servers on GitHub as potentially forged for evil, though the sad truth is, bad intentions aren’t required to follow bad practices and publish […] more…
Research that builds detections
Note: You can view the full content of the blog here. Introduction Detection engineering is becoming increasingly important in surfacing new malicious activity. Threat actors might take advantage of previously unknown malware families – but a successful detection of certain methodologies or artifacts can help expose the entire infection chain. In previous blog posts, we […] more…
Important Update: IP Address Change for VirusTotal
We’re making a change to the IP address for www.virustotal.com. If you’re currently whitelisting our IP address in your firewall or proxy, you’ll need to update your rules to maintain access to VirusTotal. Starting November 25th, we’ll be gradually transitioning the resolution of www.virustotal.com to a new IP address: 34.54.88.138. If you have hardcoded the […] more…
Unveiling Hidden Connections: JA4 Client Fingerprinting on VirusTotal
VirusTotal has incorporated a powerful new tool to fight against malware: JA4 client fingerprinting. This feature allows security researchers to track and identify malicious files based on the unique characteristics of their TLS client communications. JA4: A More Robust Successor to JA3 JA4, developed by FoxIO, represents a significant advancement over the older JA3 fingerprinting […] more…
VirusTotal AI-Generated Conversations: Threat Intel Made Easy
At VirusTotal, we’re constantly exploring new ways to make threat intelligence more digestible and available to a wider audience. Our latest effort leverages the power of AI to create easily understood audio discussions from technical information. Using Google NotebookLM’s innovative Audio Overview feature, we’re transforming technical content into accessible audio experiences to make threat intelligence […] more…
Leveraging LLMs for Malware Analysis: Insights and Future Directions
By Gerardo Fernández, Joseliyo Sánchez and Vicente Díaz Malware analysis is (probably) the most expert-demanding and time-consuming activity for any security professional. Unfortunately automation for static analysis has always been challenging for the security industry. The sheer volume and complexity of malicious code necessitate innovative approaches for efficient and effective analysis. At VirusTotal, we’ve been […] more…
Exploring the VirusTotal Dataset | An Analyst’s Guide to Effective Threat Research
By Aleksandar Milenkoski (SentinelOne) and Jose Luis Sánchez Martínez VirusTotal stores a vast collection of files, URLs, domains, and IPs submitted by users worldwide. It features a variety of functionalities and integrates third-party detection engines and tools to analyze the maliciousness of submitted artifacts and gather relevant related information, such as file properties, domain registrars, […] more…
VirusTotal += Huorong
We welcome Huorong anti-malware engine to VirusTotal. In the words of the company: “Huorong is a Chinese information security company founded in 2011, which has been committed to the research and development of endpoint security products. Huorong anti-malware engine utilizes a builtin virtual sandbox to achieve generic scanning, generic unpacking and malicious behavior analysis capabilities. […] more…
We Made It, Together: 20 Years of VirusTotal!
Hi Everyone, We can hardly believe it, but VirusTotal is turning 20 on June 1st! As we sit down to write this, we’re filled with a mix of pride and gratitude. It’s been an incredible journey, and we wouldn’t be here without the amazing community that has supported us every step of the way. When […] more…
Tracking Threat Actors Using Images and Artifacts
When tracking adversaries, we commonly focus on the malware they employ in the final stages of the kill chain and infrastructure, often overlooking samples used in the initial ones. In this post, we will explore some ideas to track adversary activity leveraging images and artifacts mostly used during delivery. We presented this approach at the […] more…
YARA is dead, long live YARA-X
For over 15 years, YARA has been growing and evolving until it became an indispensable tool in every malware researcher’s toolbox. Throughout this time YARA has seen numerous updates, with new features added and countless bugs fixed. But today, I’m excited to announce the biggest change yet: a full rewrite. YARA-X is a completely new […] more…
Crowdsourced AI += ByteDefend
We are pleased to announce the integration of a new solution into our Crowdsourced AI initiative. This model, developed by Dr. Ran Dubin from the Department of Computer Science at Ariel University and head of ByteDefend Cyber Lab at the Ariel Cyber Innovation Center, is designed to analyze suspicious macros in Microsoft Office files, including […] more…
VirusTotal’s Mission Continues: Sharing Knowledge, Protecting Together
With the recent announcement of Google Threat Intelligence, I want to take this opportunity, as VirusTotal’s founder, to directly address our community and reiterate our unwavering commitment to our core mission. First and foremost, I want to assure our entire community, from security researchers and industry partners to individual users, that VirusTotal’s core mission remains […] more…
Analyzing Malware in Binaries and Executables with AI
In a recent post titled “From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis”, published on the Google Cloud Security blog, we explore the capabilities of Gemini 1.5 Pro, which enhances malware analysis by processing up to 1 million tokens. This advancement allows the tool to analyze large amounts of disassembled […] more…
Mastering VirusTotal: Certification Course
We are pleased to announce the partnership with The SOC Academy, a new startup dedicated to providing cybersecurity education, debuting with a VirusTotal Certification course. Founded by Laura, a passionate entrepreneur and especially a cybersecurity enthusiast, The SOC Academy aims to enhance the skills and expertise of professionals in the field. Below, we dive into […] more…
2017 Antivirus News | Powered by WordPress |
Fluxipress Theme
| Show My IP Address, check blacklists
| Free Favicon, Android and Apple Icon Generator
| Bitcoin and Crypto Currency News
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Read More Privacy & Cookies Policy
