| [False Positive] ET INFO domain VirusTotal | 1 | 151 | October 14, 2024 |
| PortStarter Backdoor Sigs | 1 | 77 | October 10, 2024 |
| Grimresource transformNode Obfuscation | 5 | 186 | October 10, 2024 |
| Signature: CleanUp Loader | 2 | 97 | October 9, 2024 |
| Sid:2055984 Ivanti Cloud Service Appliance Authenticated Command Injection (CVE-2024-8190) | 1 | 139 | October 1, 2024 |
| Poverty Stealer | 12 | 971 | September 17, 2024 |
| FP? NanoLocker - SID: 2022331 | 1 | 136 | September 12, 2024 |
| NMAP ruleset are FP? | 1 | 154 | September 5, 2024 |
| DiamotrixClipper | 2 | 335 | August 30, 2024 |
| BadSpace Sigs | 1 | 116 | August 19, 2024 |
| Where to find details on each threat definition? | 1 | 376 | August 5, 2024 |
| Vidar Stealer | 7 | 686 | July 15, 2024 |
| Metastealer v.5 TLS | 6 | 538 | July 10, 2024 |
| Why not leverage Suricata datasets for IoC rules? | 1 | 167 | July 8, 2024 |
| Cryptbot Stealer - Update on Rules | 4 | 634 | July 5, 2024 |
| ET POLICY Reserved Internal IP Traffic | 1 | 526 | June 24, 2024 |
| False positive on rule #2032926 | 4 | 236 | June 23, 2024 |
| NjRAT variant - tXRAT v.2.3R | 1 | 224 | June 21, 2024 |
| False positives on hunting rule | 2 | 137 | June 21, 2024 |
| WhiteSnake | 4 | 343 | June 17, 2024 |
| Gh0stRat.Generic SweetSpecter variant | 1 | 293 | June 13, 2024 |
| ET EXPLOIT Fortinet FortiSIEM Unauthenticated Command Injection CVE-2023-34992 | 3 | 245 | June 3, 2024 |
| PrivateLoader Signature | 2 | 183 | May 20, 2024 |
| Lumma Stealer Domain | 4 | 236 | May 20, 2024 |
| New to ET | 3 | 271 | May 20, 2024 |
| SIG: ET TROJAN Atomic macOS (AMOS) Stealer JoinSystem | 3 | 228 | May 15, 2024 |
| SIGS: W32/Badspace.Backdoor | 2 | 1859 | May 14, 2024 |
| DarkGate new version | 5 | 344 | May 6, 2024 |
| SIGS:Kapeka/ICYWELL Backdoor APT44/Sandworm Part 1 | 2 | 267 | April 19, 2024 |
| SIGS: Kapeka/ICYWELL Backdoor APT44/Sandworm Part 2 | 1 | 171 | April 18, 2024 |