Latest Rule Signatures topics

Topic	Replies	Views	Activity
About the Rule Signatures category	0	1961	September 12, 2022
SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation	2	52	July 14, 2025
Games and Myths: Mythstealer Spotted in the Wild	1	115	July 1, 2025
Http.dottedquadhost and you	2	123	July 1, 2025
Invalid DNS rule with default snort configurations	0	37	June 25, 2025
External IP Lookup Rules	1	77	June 20, 2025
PayDay Loader	1	68	May 27, 2025
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2	0	53	May 27, 2025
ADWARE_PUP PC App Store Client Installation in Progress	0	46	May 23, 2025
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request	0	56	May 23, 2025
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor	2	53	May 23, 2025
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT	2	66	May 23, 2025
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent	1	54	May 22, 2025
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST	1	44	May 22, 2025
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST	1	42	May 22, 2025
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download	2	90	May 19, 2025
ET MALWARE JavaScript Loader Associated With Interlock Ransomware	1	93	May 12, 2025
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"\|E8 00 00 00 00 0F 1A\|"	4	131	May 6, 2025
SIGS: TerraStealerV2	2	78	May 2, 2025
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload	2	85	April 29, 2025
SIG: ET MALWARE Possible Mints.Loader GET Request	2	47	April 29, 2025
SIGS: Possible Gamaredon APT Delimiter	2	139	April 25, 2025
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback	1	91	April 22, 2025
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes	3	61	April 22, 2025
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025 etopen	2	133	April 14, 2025
PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874 feedback , etopen , suricata	1	94	March 27, 2025
When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs etopen , suricata	1	67	March 25, 2025
ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt etopen	1	87	March 24, 2025
SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request	2	158	March 5, 2025
SIGS: Http header whitespace	1	72	February 24, 2025

About the Rule Signatures category

0

1961

September 12, 2022

SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation

2

52

July 14, 2025

Games and Myths: Mythstealer Spotted in the Wild

1

115

July 1, 2025

Http.dottedquadhost and you

2

123

July 1, 2025

Invalid DNS rule with default snort configurations

0

37

June 25, 2025

External IP Lookup Rules

1

77

June 20, 2025

PayDay Loader

1

68

May 27, 2025

SIG: ET MALWARE MintsLoader CnC Activity (GET) M2

0

53

May 27, 2025

ADWARE_PUP PC App Store Client Installation in Progress

0

46

May 23, 2025

ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request

0

56

May 23, 2025

SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor

2

53

May 23, 2025

SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT

2

66

May 23, 2025

SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent

1

54

May 22, 2025

SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST

1

44

May 22, 2025

SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST

1

42

May 22, 2025

SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download

2

90

May 19, 2025

ET MALWARE JavaScript Loader Associated With Interlock Ransomware

1

93

May 12, 2025

Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"

4

131

May 6, 2025

SIGS: TerraStealerV2

2

78

May 2, 2025

SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload

2

85

April 29, 2025

SIG: ET MALWARE Possible Mints.Loader GET Request

2

47

April 29, 2025

SIGS: Possible Gamaredon APT Delimiter

2

139

April 25, 2025

SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback

1

91

April 22, 2025

SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes

3

61

April 22, 2025

ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025

etopen

2

133

April 14, 2025

PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874

feedback , etopen , suricata

1

94

March 27, 2025

When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs

etopen , suricata

1

67

March 25, 2025

ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt

etopen

1

87

March 24, 2025

SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request

2

158

March 5, 2025

SIGS: Http header whitespace

1

72

February 24, 2025