The French data protection watchdog CNIL has issued its first fine of €50 million (around $57 million) under the European Union’s new General Data Protection Regulation (GDPR) law that came into force in May last year.
The fine has been levied on Google for “lack of transparency, inadequate information and lack of valid consent regarding the ads personalization,” the CNIL (National Data
Since most security tools also keep an eye on the network traffic to detect malicious IP addresses, attackers are increasingly adopting infrastructure of legitimate services in their attacks to hide their malicious activities.
Cybersecurity researchers have now spotted a new malware attack campaign linked to the notorious DarkHydrus APT group that uses Google Drive as its command-and-control (
Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.
Try It Out
- ~16GB disk space
- ~4GB RAM
Getting Started (OSX)
$ brew install maliceio/tap/malice
Usage: malice [OPTIONS] COMMAND [arg...]
Open Source Malware Analysis Framework
--debug, -D Enable debug mode [$MALICE_DEBUG]
--help, -h show help
--version, -v print the version
scan Scan a file
watch Watch a folder
lookup Look up a file hash
elk Start an ELK docker container
plugin List, Install or Remove Plugins
help Shows a list of commands or help for one command
Run 'malice COMMAND --help' for more information on a command.
Scan some malware
$ malice scan evil.malware
NOTE: On the first run malice will download all of it’s default plugins which can take a while to complete.
Malice will output the results as a markdown table that can be piped or copied into a results.md that will look great on Github see here
Start Malice’s Web UI
$ malice elk
- Type in malice as the
Index name or patternand click Create.
- Now click on the
Malice Taband behold!!!
Getting Started (Docker in Docker)
Install/Update all Plugins
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock malice/engine plugin update --all
Scan a file
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock
malice/engine scan SAMPLE