CISA makes its "Malware Next-Gen" analysis system publicly available

18 tháng 4, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA.


Malware Next-Gen is a malware analysis platform that examines malware samples for suspicious artifacts. It was originally designed to allow U.S. federal, state, local, tribal, and territorial government agencies to submit suspicious files and receive automated malware analysis through static and dynamic analysis tools.


On April 10, CISA released a new version of the system that allows any organization or person to submit files to the system.


"The Cybersecurity and Infrastructure Security Agency (CISA) announces on April 11 a new release of our malware analysis system, called Malware Next-Gen, which allows any organization to submit malware samples and other suspicious artifacts for analysis," reads the announcement.


"Malware Next-Gen allows CISA to more effectively support our partners by automating analysis of newly identified malware and enhancing the cyber defense efforts."


Malware Next-Gen is designed to handle the growing workload of cyber-threat analysis by offering advanced and reliable analysis on a scalable platform featuring multilevel containment capabilities for automatic analysis of potentially malicious files or URLs.


CISA's Executive Assistant Director for Cybersecurity, Eric Goldstein, sees this new platform as a contributor to the national cybersecurity and critical infrastructure bolstering efforts.


Goldstein hopes that Malware Next-Gen will streamline processes that allow the agency to hunt for new threats and analyze, correlate, and enrich data that's valuable in cyber-threat response operations.


Availability


Malware Next-Gen was made available to a limited number of government organizations since November 2023, leading to the identification of 200 suspicious or malicious files and URLs from 1,600 submissions.


CISA encourages all organizations, security researchers, and individuals to register and submit suspicious files to the platform for analysis, which requires registration with a login.gov account.


Submitted files are analyzed in a secure environment employing a combination of static and dynamic analysis tools, and the results are provided in PDF and STIX 2.1 formats.


For those who wish to remain anonymous, there's also an option to submit malware samples through this portal for unregistered users, though analysis results won't be made available to them.



Anonymous sample submission (BleepingComputer)




However, only CISA analysts and other vetted people will have access to the malware analysis reports generated by the system. Therefore, if you wish to receive an immediate analysis of a suspicious file, VirusTotal remains an excellent option.


Finally, CISA warns users to refrain from attempting to misuse the system, waive any privacy expectations, and ensure that the information they submit on the platform does not contain classified data.



Source: BleepingComputer


Bạn cũng có thể quan tâm

4 tháng 6, 2024
Bộ định tuyến chơi game TP-Link Archer C5400X dễ mắc phải các lỗi bảo mật có thể cho phép kẻ tấn công từ xa, không được xác thực thực thi các lệnh trên thiết bị.
3 tháng 6, 2024
Ngày 27 tháng 5 Check Point đã cảnh báo rằng các tác nhân đe dọa đang nhắm mục tiêu vào các thiết bị VPN truy cập từ xa của Check Point trong một chiến dịch đang diễn ra nhằm xâm phạm mạng doanh nghiệp.
31 tháng 5, 2024
Công ty quản lý đơn thuốc Sav-Rx cảnh báo hơn 2,8 triệu cá nhân ở Hoa Kỳ việc họ đã bị vi phạm dữ liệu và dữ liệu cá nhân của họ đã bị đánh cắp trong một cuộc tấn công mạng năm 2023.
Thêm bài viết
Share by: