top | item 43897152

(no title)

> Norton, Kaspersky, Zscaler, F-secure, NordVPN, Virustotal, Palo Alto: all of them marked these links as safe.

This is sad to see, these tools are forced down so many companies in name of "compliance" while totally not worth the maintenance and cost overhead. Apparently they haven't got any better in the last decade.

discuss

markbeare|10 months ago

I work for a cybersecurity company, and I think that the method they used to check these links with the mentioned security companies was not a reflection of how they detect. I'm sure that many of these companies do not have these domains in their DBs of bad sites but if you were to run these products and then visit the site then heuristic detection would have likely flagged the sites.

vin10|10 months ago

I would have expected at least Virustotal to flag them if that were the case. It does more than just looking up in a database of known malicious URLs and I think the reputation of the domains is the key factor here.

https://www.virustotal.com/gui/url/6dd23e90ee436e1ff066725aa...

> BitDefender - government

> Sophos - government

> Forcepoint ThreatSeeker - government

- https://docs.virustotal.com/docs/how-it-works

Muromec|10 months ago

Well, that's exactly the difference between complience and security

charcircuit|10 months ago

I'm curious if the link inside the pdf would have been detected.

vin10|10 months ago

It is the same for nested links as well. They mostly have a chain of links, each one taking you to a new one with hop count ranging anywhere from 5 up to 10 or more.