Tag: virustotal

  • GravityRAT malware takes your system’s temperature

    Cisco Talos researchers Warren Mercer and Paul Rascagnères recently discovered and analysed ‘GravityRAT’, an advanced Remote Access Trojan (RAT) that appears to have been used in targeted attacks against organizations in India. Analysis of this piece of malware gives an interesting insight into the current state of malware development. The malware is delivered through a…

  • There is no evidence in-the-wild malware is using Meltdown or Spectre

    Almost a month after the Meltdown and Spectre attacks against various CPUs were discovered and revealed to the public, there have been reports of the existence of malware that appears to be using the published proof-of-concept code. The source of these reports is a Google Plus post from testing organization AV-Test, which lists the…

  • VB2017 paper: VirusTotal tips, tricks and myths

    In a surprise announcement, Google’s parent company Alphabet has introduced Chronicle, a threat intelligence offering in which Google-owned VirusTotal will play an important role. While it is unclear at the moment what exactly Chronicle will do, the use of VirusTotal’s data is certainly interesting, given how important it is as…

  • Paper: Using .NET GUIDs to help hunt for malware

    Tool to extract identifiers incorporated into VirusTotal. The large number of new malware samples found each day hasn’t made malware analysis an easier task, and researchers could use anything that helps them automate this task. Today, we publish a paper by Cylance researcher Brian Wallace, who looks at two globally unique identifiers (GUIDs) found in…

  • VirusTotal project aims to remediate false positives

    Security vendors to receive alerts when legitimate files are detected as malicious. False positives are a huge problem for the IT industry in general and for security products in particular. Indeed, in our VB100 and VBSpam comparative tests, many otherwise well performing products have failed to achieve an award because they blocked too many legitimate…

  • Low VirusTotal detection rates for new malware, do they matter?

    It is not as important as is often suggested — and doesn’t mean the malware is allowed to execute. It is fairly common these days for security researchers to write about new malware attacks and point to low anti-virus detection rates when the affected sample is uploaded to VirusTotal’s multi-AV scanning service. But do…

  • VirusTotal support integrated into new version of Process Explorer

    Sysadmins can check hashes of processes against file-checking service database. Microsoft and Google are known for their fierce competition, but when it comes to security, the tech giants are eager to put that aside. Hence as of this week, Google’s VirusTotal has been integrated into Microsoft’s Process Explorer. The planned integration was…