http://blog.hispasec.com/virustotal es Wed, 17 Nov 2010 08:00:48 +0000 hourly 1 http://blog.hispasec.com/virustotalimages/minilogo.png http://blog.hispasec.com/virustotal http://blog.hispasec.com/virustotal/53 Hispasec has just created <a href="http://www.hispasec.com/lapsec/index_en_html">LapSec</a>. It is a freeware tool to secure Windows laptops. (We know, nothing to do with Virustotal, but just to let you know). Hope it turns out to be useful. http://blog.hispasec.com/virustotal/52 We have just coded a Google Chrome browser extension to interact with VirusTotal. The extension adds an option to the context menu to analyze links with VirusTotal's URL analysis engine. <img src="./images/vtcr.png" /> <br/> <p>Unlike the VTzilla Firefox extension, it does not embed an additional "Scan with VirusTotal" option in the browser's file download dialog (mainly because Chrome's API does not allow to do so). Having said this, it does include a top menu bar popup that enables quick VirusTotal searches and direct submission of the page being viewed to VirusTotal.</p> You may find more information (including the download links) about both VTchromizer and VTzilla here: <a href="http://www.virustotal.com/advanced.html#browser-addons">VirusTotal browser extensions</a> http://blog.hispasec.com/virustotal/51 We've added <a href="http://bit.ly/bL34M3">ExifTool</a> results in the VT <a href="http://bit.ly/ay6C7A">reports</a>. It shows lots of internal information about some types of files, and it is specially interesting in image and document types. Thanks Phil Harvey for letting us use this nice tool here. http://blog.hispasec.com/virustotal/50 Now when you check a static URL report, if there's a more recent report about that specific sample, you will be able to see it in the head of the report with this form: There is a more up-to-date report (N/M) for this file. That message will also be a link where you'll be able to visit that more recent report. Thanks Lucian for the suggestion :) http://blog.hispasec.com/virustotal/49 We've just added the <a href="http://www.superantispyware.com">SUPERAntiSpyware</a> engine from the homonymous company, based on USA. Primarily focused on Spyware handling, it also detects other kinds of malware. I would like to thank Mr. Skrepetos for making integration at VirusTotal a seamless task. http://blog.hispasec.com/virustotal/48 Some days ago we've included a new version of the Symantec engine that makes use of the company reputation-based security technology. Given that we've received a lot of emails asking about the matter, we think it is interesting to clarify it, and Symantec guys have posted a quite enlightening entry in this blog: <i>"So what exactly is a Suspicious.Insight detection? These detections are derived from Symantec&#8217;s new reputation-based security technology. They highlight files that have not yet developed a strong reputation (either good or bad) amongst Symantec&#8217;s community of users."</i> To read more about it, visit the <a href="http://www.symantec.com/connect/es/blogs/reputation-based-security-suspiciousinsight-detections-virus-total">Symantec's blog post</a> or the <a href="http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99">reference about the detection</a>.