SlideShare a Scribd company logo

Owasp 2018 federated confidence

Download as PPTX, PDF
Eduardo Chavarro
Eduardo Chavarro

VirusTotal is a free online service owned by Google that analyzes files and URLs. It identifies viruses, malware, and other malicious content by using antivirus engines and website scanners contributed by different security vendors. While the service is useful for detecting threats, it is important to be aware that any files uploaded are scanned and potentially collected by VirusTotal and its parent company Google. Proper precautions should be taken regarding what personal or sensitive files are uploaded to the service.

Related slideshows

CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
IJET-V3I2P6
IJET-V3I2P6IJET-V3I2P6
IJET-V3I2P6
 
L017146571
L017146571L017146571
L017146571
 
1 of 10
Owasp 2018 federated confidence
I AGREE I TOOK THE CONTENT OF THE “TERMS OF SERVICE” OF THE LEADING ONLINE SERVICES THAT WE USE ON A DAILY BASIS (INCLUDING FACEBOOK, SNAPCHAT, INSTAGRAM, TINDER ETC.) Designer: Dima Yarovinsky Institution: Bezalel Academy for Art and Design City, Country: Jerusalem, Israel Course: Infographics Teacher: Roni Levit
https://www.marismith.com/did-cambridge-analytica-get-your-facebook-data/
Owasp 2018 federated confidence
VIRUSTOTAL – TO SERVE AND PROTECT … AND COLLECT, BUT THIS IS NOT THEIR FAULT VIRUSTOTAL, A SUBSIDIARY OF GOOGLE, IS A FREE ONLINE SERVICE THAT ANALYZES FILES AND URLS ENABLING THE IDENTIFICATION OF VIRUSES, WORMS, TROJANS AND OTHER KINDS OF MALICIOUS CONTENT DETECTED BY ANTIVIRUS ENGINES AND WEBSITE SCANNERS VT SCANS WHAT YOU GIVE IT TO WORK WITH, WE BELIEVE SERVICES AS GDRIVE DOESN’T USE VT POR ANALYZING STORED FILES
VT EVERYWHERE
VT – HUNTING DOWNLOADERSrule pdf_contains_action_link { meta: author = "Eduardo Chavarro" last_updated = "2018-02-08" tlp = "white" description = "A pdf that contains a link, working as an downloader" strings: $magic = { 25 50 44 46 } $s_link_tag = "/Subtype /Link" ascii wide nocase $s_action_tag = "Type /Action" ascii wide nocase $s_uri_tag = //URI .{14,}/ ascii wide nocase condition: $magic at 0 and all of ($s*) }
VT – VOYEUR TOTAL Files Name ------ ---- 2 Adult 5 books 2 cert 2 Contracts 2 cryptocoin 23 CV 29 Downloaders 3 email_forms 2 FINANCIAL 1 goverment 2 Medical 1 Pappers 3 possible_portal 3 productsheet 3 secrets 5 user_pwd 9 Vouchers
• DO NOT UPLOAD TO VT (OR ANYWHERE) IF THESE FILE AREN’T YOURS. • ASK YOUR HOSTING PROVIDER IF THEY USE VT PLUGINS AND WHAT KIND OF INFORMATION WILL BE UPLOADED (*.*?). • IF YOU SET A VT PLUGIN WITHIN YOUR COMPANY, ASK FOR PERMISSION AND VERIFY WINCH FOLDERS CAN BE MANAGED. • DON’T TRUST, ALWAYS CONFIRM.
Owasp 2018 federated confidence

More Related Content

Owasp 2018 federated confidence

  • 2. I AGREE I TOOK THE CONTENT OF THE “TERMS OF SERVICE” OF THE LEADING ONLINE SERVICES THAT WE USE ON A DAILY BASIS (INCLUDING FACEBOOK, SNAPCHAT, INSTAGRAM, TINDER ETC.) Designer: Dima Yarovinsky Institution: Bezalel Academy for Art and Design City, Country: Jerusalem, Israel Course: Infographics Teacher: Roni Levit
  • 5. VIRUSTOTAL – TO SERVE AND PROTECT … AND COLLECT, BUT THIS IS NOT THEIR FAULT VIRUSTOTAL, A SUBSIDIARY OF GOOGLE, IS A FREE ONLINE SERVICE THAT ANALYZES FILES AND URLS ENABLING THE IDENTIFICATION OF VIRUSES, WORMS, TROJANS AND OTHER KINDS OF MALICIOUS CONTENT DETECTED BY ANTIVIRUS ENGINES AND WEBSITE SCANNERS VT SCANS WHAT YOU GIVE IT TO WORK WITH, WE BELIEVE SERVICES AS GDRIVE DOESN’T USE VT POR ANALYZING STORED FILES
  • 7. VT – HUNTING DOWNLOADERSrule pdf_contains_action_link { meta: author = "Eduardo Chavarro" last_updated = "2018-02-08" tlp = "white" description = "A pdf that contains a link, working as an downloader" strings: $magic = { 25 50 44 46 } $s_link_tag = "/Subtype /Link" ascii wide nocase $s_action_tag = "Type /Action" ascii wide nocase $s_uri_tag = //URI .{14,}/ ascii wide nocase condition: $magic at 0 and all of ($s*) }
  • 8. VT – VOYEUR TOTAL Files Name ------ ---- 2 Adult 5 books 2 cert 2 Contracts 2 cryptocoin 23 CV 29 Downloaders 3 email_forms 2 FINANCIAL 1 goverment 2 Medical 1 Pappers 3 possible_portal 3 productsheet 3 secrets 5 user_pwd 9 Vouchers
  • 9. • DO NOT UPLOAD TO VT (OR ANYWHERE) IF THESE FILE AREN’T YOURS. • ASK YOUR HOSTING PROVIDER IF THEY USE VT PLUGINS AND WHAT KIND OF INFORMATION WILL BE UPLOADED (*.*?). • IF YOU SET A VT PLUGIN WITHIN YOUR COMPANY, ASK FOR PERMISSION AND VERIFY WINCH FOLDERS CAN BE MANAGED. • DON’T TRUST, ALWAYS CONFIRM.