Latest Rule Signatures topics

Topic	Replies	Views	Activity
About the Rule Signatures category	0	2162	September 12, 2022
AURA stealer	2	44	November 17, 2025
Suricata not detecting attacks using emerging threats cves , suricata , false-positives	0	43	November 4, 2025
False Positive 2065016 ET TROJAN BPFDoor Heartbeat (Outbound) false-positives	2	152	October 6, 2025
False family: renaming rules from Lumma stealer to GCleaner loader false-positives , etopen	1	80	September 8, 2025
I want advice on Writing Better Detection Rules	3	92	September 2, 2025
SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation	2	146	July 14, 2025
Games and Myths: Mythstealer Spotted in the Wild	1	231	July 1, 2025
Http.dottedquadhost and you	2	321	July 1, 2025
Invalid DNS rule with default snort configurations	0	67	June 25, 2025
External IP Lookup Rules	1	147	June 20, 2025
PayDay Loader	1	105	May 27, 2025
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2	0	81	May 27, 2025
ADWARE_PUP PC App Store Client Installation in Progress	0	63	May 23, 2025
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request	0	75	May 23, 2025
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor	2	67	May 23, 2025
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT	2	83	May 23, 2025
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent	1	63	May 22, 2025
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST	1	54	May 22, 2025
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST	1	57	May 22, 2025
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download	2	107	May 19, 2025
ET MALWARE JavaScript Loader Associated With Interlock Ransomware	1	103	May 12, 2025
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"\|E8 00 00 00 00 0F 1A\|"	4	151	May 6, 2025
SIGS: TerraStealerV2	2	85	May 2, 2025
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload	2	93	April 29, 2025
SIG: ET MALWARE Possible Mints.Loader GET Request	2	52	April 29, 2025
SIGS: Possible Gamaredon APT Delimiter	2	197	April 25, 2025
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback	1	105	April 22, 2025
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes	3	85	April 22, 2025
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025 etopen	2	163	April 14, 2025

About the Rule Signatures category

0

2162

September 12, 2022

AURA stealer

2

44

November 17, 2025

Suricata not detecting attacks using emerging threats

cves , suricata , false-positives

0

43

November 4, 2025

False Positive 2065016 ET TROJAN BPFDoor Heartbeat (Outbound)

false-positives

2

152

October 6, 2025

False family: renaming rules from Lumma stealer to GCleaner loader

false-positives , etopen

1

80

September 8, 2025

I want advice on Writing Better Detection Rules

3

92

September 2, 2025

SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation

2

146

July 14, 2025

Games and Myths: Mythstealer Spotted in the Wild

1

231

July 1, 2025

Http.dottedquadhost and you

2

321

July 1, 2025

Invalid DNS rule with default snort configurations

0

67

June 25, 2025

External IP Lookup Rules

1

147

June 20, 2025

PayDay Loader

1

105

May 27, 2025

SIG: ET MALWARE MintsLoader CnC Activity (GET) M2

0

81

May 27, 2025

ADWARE_PUP PC App Store Client Installation in Progress

0

63

May 23, 2025

ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request

0

75

May 23, 2025

SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor

2

67

May 23, 2025

SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT

2

83

May 23, 2025

SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent

1

63

May 22, 2025

SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST

1

54

May 22, 2025

SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST

1

57

May 22, 2025

SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download

2

107

May 19, 2025

ET MALWARE JavaScript Loader Associated With Interlock Ransomware

1

103

May 12, 2025

Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"

4

151

May 6, 2025

SIGS: TerraStealerV2

2

85

May 2, 2025

SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload

2

93

April 29, 2025

SIG: ET MALWARE Possible Mints.Loader GET Request

2

52

April 29, 2025

SIGS: Possible Gamaredon APT Delimiter

2

197

April 25, 2025

SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback

1

105

April 22, 2025

SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes

3

85

April 22, 2025

ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025

etopen

2

163

April 14, 2025