-
Uncovering Hidden Threats with VirusTotal Code Insight
In the constantly changing world of cybersecurity, generative AI is becoming an increasingly valuable tool. This blog post shows various examples that elude traditional detection engines yet are adeptly unveiled by Code Insight. We explore diverse scenarios, ranging from firmware patches in DJI drones that disable red flight lights, to the covert theft of WhatsApp…
-
VT Livehunt Cheat Sheet
Today we are happy to announce the release of our “Livehunt Cheat Sheet”, a guide to help you quickly implement monitoring rules in Livehunt. You can find the PDF version here. VirusTotal Livehunt is a service that continuously scans all incoming indicators and notifies you when any of them matches your rules. Livehunt not only…
-
Hunting for malicious domains with VT Intelligence
Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for different malicious purposes as part of their infrastructure, and malware communicates with external sites for command and…
-
Monitoring malware trends with VT Intelligence
Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. VT Intelligence can be a powerful tool for monitoring malware trends, enhancing your detection capabilities and enabling proactive defense against evolving threats. To leverage it effectively, analysts can refine searches with threat indicators relevant to their…
-
Sigma rules for Linux and MacOS
TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. Unfortunately, at that time Sigma rules were only matched against Windows binaries. Since then, our engineering team…
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
-
Fortinet Releases Security Updates for FortiManager
Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following Fortinet Security Bulletin and apply the necessary updates: FG-IR-24-425 Go to Source
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
-
From Naturalization to Cyber Advocacy: CISA Region 3’s Chris Ramos Inspires New U.S. Citizens
In a poignant and impactful moment at a recent USCIS naturalization ceremony, CISA Region 3’s Cybersecurity Coordinator, Chris Ramos, shared heartfelt words and critical cybersecurity guidance with nearly one hundred newly sworn American citizens. Go to Source