fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

VirusTotal Collections Feature Helps Keep Neat IoC Lists

VirusTotal Collections Feature Helps Keep Neat IoC Lists

Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents.

Indicators of compromise (IoCs) are pieces of data (files, digital addresses) uncovered when investigating cyberattacks, which can help researchers and companies detect an attack in early stages or defend against them.

Clean IoC sheet

VirusTotal Collections gives researchers an easy way to store, update, and share IoCs with other members of the infosec community, building more context around security incidents and threat actors.

Also Read: 7 Simple Tips On How To Create A Good Business Card Data

“Collections are open to our VirusTotal Community (registered users) and they will be enhanced with VirusTotal analysis metadata providing the latest information we have for the IoCs, along with some aggregated tags” – Juan Infantes, software engineer at VirusTotal

Threat researchers can use collections to add separate IoC groups (file hashes, IP addresses, URLs, domains) into one report that comes with a title and an op description.

All IoCs in a collection are accompanied by data from the VirusTotal, which includes the detection rate, first and last time the artifact was seen, and file size.

With domains names and IP addresses, the service also provides the name of the registrar, country, and the autonomous system, and the managing network operator, just like in the case of individual searches of security incident artifacts.

Below is an example of the collection of indicators of compromise for the defunct GandCrab ransomware, from Malpedia free resource for malware investigators.

Malpedia’s GandCrab IoC collection of file hashes:

Also Read: Trusted Data Sharing Framework IMDA Announced In Singapore

source: Malpedia IoC collection for GandCrab (file hashes)

Malpedia’s GandCrab IoC collection of related domains:

source: Malpedia IoC collection for GandCrab

Security researchers are applauding the new feature in VirusTotal and have already started to create collections of IoC, which are usually shared via tweets and text storage services.

With Collections, VirusTotal provides a simpler way for threat researchers to collaborate and find actionable intelligence that is easy to access and distribute.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us