About the Rule Signatures category
|
|
0
|
1904
|
September 12, 2022
|
PayDay Loader
|
|
1
|
31
|
May 27, 2025
|
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2
|
|
0
|
11
|
May 27, 2025
|
ADWARE_PUP PC App Store Client Installation in Progress
|
|
0
|
29
|
May 23, 2025
|
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request
|
|
0
|
24
|
May 23, 2025
|
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor
|
|
2
|
28
|
May 23, 2025
|
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT
|
|
2
|
36
|
May 23, 2025
|
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent
|
|
1
|
35
|
May 22, 2025
|
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST
|
|
1
|
22
|
May 22, 2025
|
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST
|
|
1
|
23
|
May 22, 2025
|
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download
|
|
2
|
74
|
May 19, 2025
|
ET MALWARE JavaScript Loader Associated With Interlock Ransomware
|
|
1
|
79
|
May 12, 2025
|
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"
|
|
4
|
108
|
May 6, 2025
|
SIGS: TerraStealerV2
|
|
2
|
66
|
May 2, 2025
|
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload
|
|
2
|
79
|
April 29, 2025
|
SIG: ET MALWARE Possible Mints.Loader GET Request
|
|
2
|
35
|
April 29, 2025
|
SIGS: Possible Gamaredon APT Delimiter
|
|
2
|
100
|
April 25, 2025
|
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback
|
|
1
|
82
|
April 22, 2025
|
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes
|
|
3
|
49
|
April 22, 2025
|
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025
|
|
2
|
117
|
April 14, 2025
|
PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874
|
|
1
|
88
|
March 27, 2025
|
When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs
|
|
1
|
63
|
March 25, 2025
|
ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt
|
|
1
|
82
|
March 24, 2025
|
SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request
|
|
2
|
149
|
March 5, 2025
|
SIGS: Http header whitespace
|
|
1
|
68
|
February 24, 2025
|
Zyxel runCommandInShell Telnet Service - rule id 2060323
|
|
0
|
39
|
February 25, 2025
|
SIGS: OneStartAI.PUA
|
|
2
|
116
|
February 7, 2025
|
Licensing of third-party rules
|
|
3
|
100
|
January 29, 2025
|
ET INFO PE EXE or DLL Windows file download HTTP (2018959), and Recent Tuning
|
|
0
|
301
|
January 17, 2025
|
ET MALWARE Gamaredon.APT TryCloudFlare Activity
|
|
2
|
156
|
January 7, 2025
|