VirusTotal announced VirusTotal Collections, a new service that allows threat researchers to share Indicators of Compromise (IoCs).
A collection is a live report that includes IoCs associated with a specific threat and it is available for VirusTotal registered users. The reports will also include up-to-date VirusTotal analysis metadata.
“A collection is a live report which contains a title, a group of IoCs (file hashes, URLs, domains and IP addresses) and an optional description. Collections are open to our VirusTotal Community (registered users) and they will be enhanced with VirusTotal analysis metadata providing the latest information we have for the IoCs, along with some aggregated tags.” reads the announcement published by Virus Total.
Registered VirusTotal users will be able to add or remove IoCs to/from the reports.
Security experts often use sharing platforms like Pastebin to share IoCs with the community, now they have a dedicated platform to do it, which is also integrated with the information from Virus Total. Users can create IoC collections in the VirusTotal home page, under the SEARCH tab.
VirusTotal Collections is accessible via UI and API, it also allows to share the report using permalink that could be easily integrated into blog posts and third-party reports.
“All our community generated content, including comments, graphs and collections will contribute to the Community section of file, URL, domain and IP address reports. This means that if a security researcher creates a Collection with a file in it, if you visit the file report you will see the collection in the community section,” VirusTotal adds.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Collections)
[adrotate banner=”5″]
[adrotate banner=”13″]
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.
