Latest Rule Signatures topics

Topic	Replies	Views	Activity
About the Rule Signatures category	0	2024	September 12, 2022
False family: renaming rules from Lumma stealer to GCleaner loader false-positives , etopen	1	39	September 8, 2025
I want advice on Writing Better Detection Rules	3	57	September 2, 2025
SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation	2	124	July 14, 2025
Games and Myths: Mythstealer Spotted in the Wild	1	175	July 1, 2025
Http.dottedquadhost and you	2	181	July 1, 2025
Invalid DNS rule with default snort configurations	0	51	June 25, 2025
External IP Lookup Rules	1	99	June 20, 2025
PayDay Loader	1	92	May 27, 2025
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2	0	72	May 27, 2025
ADWARE_PUP PC App Store Client Installation in Progress	0	55	May 23, 2025
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request	0	71	May 23, 2025
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor	2	59	May 23, 2025
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT	2	71	May 23, 2025
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent	1	59	May 22, 2025
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST	1	51	May 22, 2025
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST	1	49	May 22, 2025
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download	2	99	May 19, 2025
ET MALWARE JavaScript Loader Associated With Interlock Ransomware	1	99	May 12, 2025
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"\|E8 00 00 00 00 0F 1A\|"	4	143	May 6, 2025
SIGS: TerraStealerV2	2	80	May 2, 2025
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload	2	90	April 29, 2025
SIG: ET MALWARE Possible Mints.Loader GET Request	2	52	April 29, 2025
SIGS: Possible Gamaredon APT Delimiter	2	173	April 25, 2025
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback	1	101	April 22, 2025
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes	3	72	April 22, 2025
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025 etopen	2	157	April 14, 2025
PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874 feedback , etopen , suricata	1	99	March 27, 2025
When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs etopen , suricata	1	72	March 25, 2025
ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt etopen	1	92	March 24, 2025