Yara

Virustotal Adds Mandiant’s CAPA and GoReSym Capabilities

On: 27 January 2023

Virustotal is the biggest community for sharing/learning malicious files platform. It aggregates many antivirus and scan engines and allows users to check a file is malicious or not according to tens of antivirus products and scan engines. Google acquired Virustotal in 2012 and Mandiant last year. While waiting eagerly aboutContinue Reading

Catch Threat Actors Using Cobalt Strike

By: be4sec

On: 22 November 2022

In: News

With: 0 Comments

Cobalt Strike is a legitimate, commercial penetration testing tool mostly used by red teams and for security trainings. However, it is widely used as cracked by threat actors for intrusion and lateral movement in their victims’ networks. Google Cloud has released some open source YARA rules for detecting Cobalt StrikeContinue Reading