Security News

Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal
2022-04-26 01:30

Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution. The flaw, now patched, made it possible to "Execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report exclusively shared with The Hacker News.

Week in review: Finding stolen credentials on VirusTotal, BNPL attracting fraudsters
2022-01-23 09:00

PCI SSC updates card security standards to secure the card production processThe PCI Security Standards Council announced the availability of the PCI Card Production and Provisioning Security Requirements version 3.0. The importance of securing machine-to-machine and human-to-machine interactionIn this interview with Help Net Security, Oded Hareven, CEO at Akeyless, explains how organizations manage secrets, particularly how this practice has changed and evolved amid the rapid shift to hybrid/remote work and how it benefits organizations security wise.

VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal
2022-01-18 17:32

VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach have found. With a €600 VirusTotal license, they have managed to collect more than 1,000,000 credentials just by executing simple searches with a few tools.

VirusTotal Collections feature helps keep neat IoC lists
2021-12-01 10:33

Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents. VirusTotal Collections gives researchers an easy way to store, update, and share IoCs with other members of the infosec community, building more context around security incidents and threat actors.

Google's VirusTotal reports that 95% of ransomware spotted targets Windows
2021-10-14 18:53

Google's VirusTotal service showing that 95 per cent of ransomware malware identified by its systems targets Windows. What systems are most attacked? 93.28 per cent of ransomware detected were Windows executables, and 2 per cent Windows DLLs, the report said.

VirusTotal Releases Ransomware Report Based on Analysis of 80 Million Samples
2021-10-14 07:48

As many as 130 different ransomware families have been found to be active in 2020 and the first half of 2021, with Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the U.K. emerging as the most affected territories, a comprehensive analysis of 80 million ransomware-related samples has revealed. "In most cases, they are using fresh or new ransomware samples for their campaigns."

VirusTotal ordered to reveal private info of stolen HSE data downloaders
2021-07-01 19:16

An Irish court has ordered VirusTotal to provide the information of subscribers who downloaded or uploaded confidential data stolen from Ireland's national health care service during a ransomware attack. To prove the data theft, the Conti gang posted a link to a file in their ransomware negotiation chat that they said contained samples of the stolen data.

Babuk Ransomware Builder Mysteriously Appears in VirusTotal
2021-07-01 14:11

The Babuk ransomware gang's source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. Two months later, the Babuk builder used to create the ransomware's unique payloads and decryption modules has been made public, researchers said.

Working Windows and Linux Spectre exploits found on VirusTotal
2021-03-01 23:05

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. Voisin found the two working Linux and Windows exploits on the online VirusTotal malware analysis platform.

Workshop Today: Threat Hunting With VirusTotal - Black Belt Edition
2020-11-19 15:12

Threat Hunting is one of the most popular techniques used by security analysts for all kinds of investigations. It is both science and, to some degree, inspiration.