A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
VirusTotal API v3 is a threat intelligence platform that provides a suite of APIs for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context. It integrates with various security tools and platforms, including Splunk, Palo Alto Cortex XSOAR, and Crowdstrike. The API offers a range of endpoints for uploading files, retrieving file reports, scanning URLs, and getting domain and IP address reports. The API is designed with ease of use and uniformity in mind, following the REST principles and using JSON for requests and responses. It exposes richer data, including IoC relationships, sandbox dynamic analysis information, static information for files, YARA Livehunt & Retrohunt management, and crowdsourced detection details. VirusTotal API v3 is the default and encouraged way to programmatically interact with VirusTotal, and it is recommended to migrate workloads to this new version.
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
Check the reputation of an IP address to identify potential threats.
A daily collection of IOCs from various sources, including articles and tweets.
GCTI's open-source detection signatures for malware and threat detection
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
MaxMind provides accurate IP geolocation and online fraud detection solutions to create safer digital experiences.