Latest Rule Signatures topics

Topic	Replies	Views	Activity
SIG: ET MALWARE MintsLoader CnC Activity (GET) M2	0	101	May 27, 2025
ADWARE_PUP PC App Store Client Installation in Progress	0	82	May 23, 2025
ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request	0	99	May 23, 2025
SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor	2	101	May 23, 2025
SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT	2	133	May 23, 2025
SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent	1	93	May 22, 2025
SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST	1	82	May 22, 2025
SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST	1	84	May 22, 2025
SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download	2	134	May 19, 2025
ET MALWARE JavaScript Loader Associated With Interlock Ransomware	1	129	May 12, 2025
Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"\|E8 00 00 00 00 0F 1A\|"	4	241	May 6, 2025
SIGS: TerraStealerV2	2	108	May 2, 2025
SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload	2	118	April 29, 2025
SIG: ET MALWARE Possible Mints.Loader GET Request	2	84	April 29, 2025
SIGS: Possible Gamaredon APT Delimiter	2	254	April 25, 2025
SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback	1	123	April 22, 2025
SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes	3	138	April 22, 2025
ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025 etopen	2	221	April 14, 2025
PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874 feedback , etopen , suricata	1	147	March 27, 2025
When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs etopen , suricata	1	109	March 25, 2025
ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt etopen	1	133	March 24, 2025
SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request	2	203	March 5, 2025
SIGS: Http header whitespace	1	98	February 24, 2025
Zyxel runCommandInShell Telnet Service - rule id 2060323 etopen , false-positives	0	67	February 25, 2025
SIGS: OneStartAI.PUA	2	144	February 7, 2025
Licensing of third-party rules	3	194	January 29, 2025
ET INFO PE EXE or DLL Windows file download HTTP (2018959), and Recent Tuning	0	669	January 17, 2025
ET MALWARE Gamaredon.APT TryCloudFlare Activity	2	203	January 7, 2025
The Many CVEs of D-Link HNAP Command Injection	0	234	January 2, 2025
ET SCAN ELF/Mirai Variant malware	2	388	December 31, 2024

SIG: ET MALWARE MintsLoader CnC Activity (GET) M2

0

101

May 27, 2025

ADWARE_PUP PC App Store Client Installation in Progress

0

82

May 23, 2025

ET MALWARE GRAPELOADER & WINELOADER Russia APT29 Request

0

99

May 23, 2025

SIGS: APT28 HATVIBE.loader & CHERRYSPY.Backdoor

2

101

May 23, 2025

SIGS: ET MALWARE Skitnet/Bossnet Backdoor DNS TXT

2

133

May 23, 2025

SIG: ET MALWARE Gamaredon TryCloudFlare Activity - Known Delimiter in User-Agent

1

93

May 22, 2025

SIG: ET MALWARE LitterDrifter Gamaredon.APT HTTP POST

1

82

May 22, 2025

SIG: ET MALWARE APT28.Russia Macro Loader HTTP POST

1

84

May 22, 2025

SIGS: ET HUNTING Possible Obfuscated PowerShell Script Download

2

134

May 19, 2025

ET MALWARE JavaScript Loader Associated With Interlock Ransomware

1

129

May 12, 2025

Discuss about the rule 2012091: No Offset UDP Shellcode"; content:"|E8 00 00 00 00 0F 1A|"

4

241

May 6, 2025

SIGS: TerraStealerV2

2

108

May 2, 2025

SIG: ET MALWARE Possible Gremlin InfoStealer Data Upload

2

118

April 29, 2025

SIG: ET MALWARE Possible Mints.Loader GET Request

2

84

April 29, 2025

SIGS: Possible Gamaredon APT Delimiter

2

254

April 25, 2025

SIG: ET TROJAN Interlock.RansomGroup RAT Initial Callback

1

123

April 22, 2025

SIG: ET TROJAN Possible Havoc C2 Framework Beacon Magic Bytes

3

138

April 22, 2025

ET MALWARE Specter Insight Beacon CnC Checkin; sid: 2061025

etopen

2

221

April 14, 2025

PCRE in Sitecore CMS CSRFTOKEN Deserialization sid:2061119 for CVE-2019-9874

feedback , etopen , suricata

1

147

March 27, 2025

When loading rules for SID 2060960, 2060961, the message 'fast_pattern is ineffective with base64_data' occurs

etopen , suricata

1

109

March 25, 2025

ET WEB_SERVER Next.js CVE-2025-29927 middleware bypass attempt

etopen

1

133

March 24, 2025

SIG: ET TROJAN SocGholish/Ghostweaver PowerShell Boinc Download Request

2

203

March 5, 2025

SIGS: Http header whitespace

1

98

February 24, 2025

Zyxel runCommandInShell Telnet Service - rule id 2060323

etopen , false-positives

0

67

February 25, 2025

SIGS: OneStartAI.PUA

2

144

February 7, 2025

Licensing of third-party rules

3

194

January 29, 2025

ET INFO PE EXE or DLL Windows file download HTTP (2018959), and Recent Tuning

0

669

January 17, 2025

ET MALWARE Gamaredon.APT TryCloudFlare Activity

2

203

January 7, 2025

The Many CVEs of D-Link HNAP Command Injection

0

234

January 2, 2025

ET SCAN ELF/Mirai Variant

malware

2

388

December 31, 2024