Top tip: Don't upload your confidential biz files to free malware-scanning websites – everything is public Companies are inadvertently leaving confidential files on the internet for anyone to download – after uploading the documents to malware-scanning websites that make everything public. These file-probing websites open submitted documents in secure sandboxes to detect any malicious behavior. Businesses forward email attachments …
Domain name and IP are irrelevant. They'll shift regularly.
Instead properly research any online services you use, and validate that they're legitimate, that they're compliant with relevant laws and that you both understand how they'll use the data you give to them and are happy with that.
Possibly. "This endpoint allows you to retrieve a live feed of absolutely all uploaded files to VirusTotal, and download them for further scrutiny, along with their full reports."
It's not part of the free public API, but I've not investigated what amount of background checks they do for access to the for-pay private API.
TFW you cannot trust your company’s solution because they’re using some weird system and so you use VirusTotal...
Yeah, I’m guilty of doing that last week out of desperation. Because our company’s been switching from the notoriously shitty McAfee ViruScan Enterprise to... something... [software name withheld, but I’ll say that the name is a synonym of ”guard-first”]. I’ve never heard of it and have never seen it mentioned anywhere before and thus am extremely suspicious of it. And then one of my higher-ups got wronged by someone, entered BOFH mode, and configured our Exchange server to stamp this ever-loving paranoia-inducing message (something like “This e-mail is from an external source, please be cautious of attachments”) on any incoming e-mails that has attachments, scaring the heck out of my colleagues - which is how we got here: colleague wants to be sure that the attachment she received is safe to open. Since VirusTotal is mentioned by many reputable sites and people I trust in the past, and I don’t trust that “guard-first”, I just hesitantly uploaded it to scan.
This post has been deleted by its author
is a sustainable business model? What EXACTLY do you expect to get from a FREE service?
I'm not overly annoyed at people in their private lives not realizing just what they are giving away in exchange for free email, search, social networking, etc. Especially following almost a hundred years of free radio & TV.
I'm really, REALLY annoyed that anyone with a minor in economics or an MBA would fail to grasp that suppliers have to have viable business models. A free document scanning service is running a live & busy endpoint. Someone has to pay for that server, for the software its running, and the maintenance of both. Figure it out.
Suppliers do NOT have tro have a viable business model. And what about the supplier's suppliers?
VirusTotal was acquired by Google. They're not running it as a money-making exercise. See also Uber, Lyft, a million and one other "lose money gaining market share, make it up on volume" investor-fleecing scams.
Finally, consider the vast volumes of Free / open source code in pretty much any org, even where they don't realise it.
VirusTotal was acquired by Google. They're not running it as a money-making exercise.
You meant the company that tries to acquire and sell all the information they can would purchase something like VirusTotal and then not try to milk it for all the information (aka money) they can get out of it? I'm not sure I follow your logic.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
