|
About the Rule Signatures category
|
|
0
|
1869
|
September 12, 2022
|
|
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"
|
|
4
|
58
|
May 6, 2025
|
|
SIGS: TerraStealerV2
|
|
2
|
40
|
May 2, 2025
|
|
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload
|
|
2
|
56
|
April 29, 2025
|
|
SIG: ET MALWARE Possible Mints.Loader GET Request
|
|
2
|
20
|
April 29, 2025
|
|
SIGS: Possible Gamaredon APT Delimiter
|
|
2
|
70
|
April 25, 2025
|
|
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback
|
|
1
|
66
|
April 22, 2025
|
|
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes
|
|
3
|
35
|
April 22, 2025
|
|
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025
|
|
2
|
110
|
April 14, 2025
|
|
PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874
|
|
1
|
83
|
March 27, 2025
|
|
When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs
|
|
1
|
55
|
March 25, 2025
|
|
ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt
|
|
1
|
73
|
March 24, 2025
|
|
SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request
|
|
2
|
142
|
March 5, 2025
|
|
SIGS: Http header whitespace
|
|
1
|
61
|
February 24, 2025
|
|
Zyxel runCommandInShell Telnet Service - rule id 2060323
|
|
0
|
37
|
February 25, 2025
|
|
SIGS: OneStartAI.PUA
|
|
2
|
106
|
February 7, 2025
|
|
Licensing of third-party rules
|
|
3
|
95
|
January 29, 2025
|
|
ET INFO PE EXE or DLL Windows file download HTTP (2018959), and Recent Tuning
|
|
0
|
271
|
January 17, 2025
|
|
ET MALWARE Gamaredon.APT TryCloudFlare Activity
|
|
2
|
144
|
January 7, 2025
|
|
The Many CVEs of D-Link HNAP Command Injection
|
|
0
|
125
|
January 2, 2025
|
|
ET SCAN ELF/Mirai Variant
|
|
2
|
137
|
December 31, 2024
|
|
SIGS: Zloader
|
|
2
|
105
|
December 17, 2024
|
|
SIG: TryCloudFlare in SNI
|
|
1
|
74
|
December 10, 2024
|
|
ET TROJAN Win32/BugSleep CnC Checkin
|
|
4
|
313
|
November 2, 2024
|
|
SIGS: Android/TrickMo.Banker
|
|
2
|
63
|
October 29, 2024
|
|
Ailurophile Stealer
|
|
1
|
168
|
October 28, 2024
|
|
Signature Mints Loader
|
|
1
|
98
|
October 25, 2024
|
|
Privateloader
|
|
5
|
371
|
October 14, 2024
|
|
[False Positive] ET INFO domain VirusTotal
|
|
1
|
121
|
October 14, 2024
|
|
PortStarter Backdoor Sigs
|
|
1
|
55
|
October 10, 2024
|