|
About the Rule Signatures category
|
|
0
|
2280
|
September 12, 2022
|
|
Idea for new rules
|
|
0
|
14
|
February 4, 2026
|
|
Phishing / Crypto Wallet Drainer - psyopanime.net
|
|
2
|
65
|
January 15, 2026
|
|
Wrong malware family attribution 123Stealer
|
|
1
|
36
|
January 15, 2026
|
|
Closer cooperation between OPNsense and Suricata – TLS traffic decryption discussion
|
|
0
|
39
|
December 24, 2025
|
|
SIGS: CastleLoader/RAT
|
|
5
|
114
|
December 19, 2025
|
|
PowerShell Malware from 147.45.178.149
|
|
4
|
70
|
December 18, 2025
|
|
2010677 ET MALWARE Suspicious User-Agent (My Session)
|
|
4
|
69
|
December 5, 2025
|
|
AURA stealer
|
|
7
|
209
|
November 25, 2025
|
|
Suricata not detecting attacks using emerging threats
|
|
0
|
103
|
November 4, 2025
|
|
False Positive 2065016 ET TROJAN BPFDoor Heartbeat (Outbound)
|
|
2
|
184
|
October 6, 2025
|
|
False family: renaming rules from Lumma stealer to GCleaner loader
|
|
1
|
88
|
September 8, 2025
|
|
I want advice on Writing Better Detection Rules
|
|
3
|
112
|
September 2, 2025
|
|
SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation
|
|
2
|
161
|
July 14, 2025
|
|
Games and Myths: Mythstealer Spotted in the Wild
|
|
1
|
265
|
July 1, 2025
|
|
Http.dottedquadhost and you
|
|
2
|
420
|
July 1, 2025
|
|
Invalid DNS rule with default snort configurations
|
|
0
|
73
|
June 25, 2025
|
|
External IP Lookup Rules
|
|
1
|
186
|
June 20, 2025
|
|
PayDay Loader
|
|
1
|
113
|
May 27, 2025
|
|
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2
|
|
0
|
90
|
May 27, 2025
|
|
ADWARE_PUP PC App Store Client Installation in Progress
|
|
0
|
70
|
May 23, 2025
|
|
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request
|
|
0
|
87
|
May 23, 2025
|
|
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor
|
|
2
|
84
|
May 23, 2025
|
|
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT
|
|
2
|
102
|
May 23, 2025
|
|
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent
|
|
1
|
77
|
May 22, 2025
|
|
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST
|
|
1
|
68
|
May 22, 2025
|
|
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST
|
|
1
|
72
|
May 22, 2025
|
|
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download
|
|
2
|
119
|
May 19, 2025
|
|
ET MALWARE JavaScript Loader Associated With Interlock Ransomware
|
|
1
|
110
|
May 12, 2025
|
|
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"
|
|
4
|
177
|
May 6, 2025
|