|
Question on 2028867
|
|
5
|
200
|
December 13, 2023
|
|
FP: ETPRO TROJAN Possible Panda Banker DGA Lets Encrypt SSL Cert [2825567]
|
|
2
|
222
|
November 29, 2023
|
|
MALWARE - classtype:misc-activity
|
|
1
|
229
|
November 27, 2023
|
|
Is bloodhound signature included in the latest weekly update
|
|
3
|
177
|
November 23, 2023
|
|
SIG: W32/LitterDrifter.Loader Gamaredon USB Worm
|
|
2
|
187
|
November 21, 2023
|
|
New Sig: ET TROJAN W32/Kazuar.Backdoor Turla APT Hardcoded Cookie
|
|
1
|
358
|
November 20, 2023
|
|
False positive on Android Trojan
|
|
1
|
295
|
October 19, 2023
|
|
2048118 is a little loose
|
|
3
|
214
|
October 12, 2023
|
|
Addressing an FP: 2016950 - ET MALWARE Possible Win32/Hupigon ip.txt with a Non-Mozilla UA
|
|
0
|
219
|
October 2, 2023
|
|
Eternity Clipper
|
|
4
|
400
|
September 27, 2023
|
|
NStealer v2
|
|
3
|
476
|
September 25, 2023
|
|
Lumma Stealer Updates
|
|
2
|
518
|
September 15, 2023
|
|
Echida Botnet
|
|
3
|
383
|
September 11, 2023
|
|
JSCAPE MFT Binary Management Java Deserialization - CVE-2023-4528
|
|
0
|
301
|
September 8, 2023
|
|
SIG: ET MOBILE_MALWARE Android/InfamousChisel.InfoStealer APT28/SANDWORM Data Exfiltration
|
|
2
|
347
|
September 1, 2023
|
|
TheBoxClipper
|
|
2
|
452
|
August 30, 2023
|
|
RootTeam Stealer and overlap issues on Bandit Stealer rule detection
|
|
7
|
698
|
August 29, 2023
|
|
Mekotio
|
|
2
|
367
|
August 24, 2023
|
|
Parallax Rat
|
|
3
|
317
|
August 14, 2023
|
|
SIG: CloudFlare Tunnel DNS Query For argotunnel.com
|
|
2
|
216
|
August 14, 2023
|
|
DarkCloud
|
|
2
|
415
|
August 9, 2023
|
|
Phemedrone Stealer
|
|
1
|
252
|
August 7, 2023
|
|
Possible FP - JA3 Hash - [Abuse.ch] Possible Adware
|
|
1
|
317
|
August 1, 2023
|
|
PennyWise Stealer - Update on rules
|
|
2
|
430
|
July 28, 2023
|
|
Hydrochasma (Fast Reverse Proxy)
|
|
7
|
572
|
July 27, 2023
|
|
SIGNATURE: MalDoc/Gamaredon CnC: (ADMIN- prepend)
|
|
2
|
318
|
July 27, 2023
|
|
Lazarus APT Backdoor
|
|
5
|
685
|
July 27, 2023
|
|
Rockwell cve 2023-3595 and 2023-3596 signatures
|
|
0
|
600
|
July 20, 2023
|
|
Konni.APT
|
|
1
|
443
|
July 14, 2023
|
|
Possible FP: ET MALWARE Sourtoff Receiving Simda Payload
|
|
4
|
290
|
July 7, 2023
|