S3 Ep144: When threat hunting goes down a rabbit hole

2023-07-20 20:58

Listeners will probably know that Virus Total is a very popular service where, if you've got a file that either you know it's malware and you want to know what lots of different products call it, or if you think, "Maybe I want to get the sample securely to as many vendors as possible, as quickly as possible".

The file is meant to be made available to dozens of cybersecurity companies almost immediately.

That's not quite the same as broadcasting it to the world, or uploading it to a leaky online cloud storage bucket, but the service *is* meant to share that file with other people.

If you have ever done that, then what is it that guarantees you won't upload a file to the wrong *server* by mistake, making a similar kind of error?

If you're not logged into a site and you do try and upload a file there by mistake, then you will get a login prompt.

DOUG. Not to shift all the onus to the end users: If you're in the IT team, consider putting controls on which users can send what sorts of files to whom.

News URL

https://nakedsecurity.sophos.com/2023/07/20/s3-ep144-when-threat-hunting-goes-down-a-rabbit-hole/

#S3 #threat