|
Echida Botnet
|
|
3
|
393
|
September 11, 2023
|
|
JSCAPE MFT Binary Management Java Deserialization - CVE-2023-4528
|
|
0
|
320
|
September 8, 2023
|
|
SIG: ET MOBILE_MALWARE Android/InfamousChisel.InfoStealer APT28/SANDWORM Data Exfiltration
|
|
2
|
349
|
September 1, 2023
|
|
TheBoxClipper
|
|
2
|
458
|
August 30, 2023
|
|
RootTeam Stealer and overlap issues on Bandit Stealer rule detection
|
|
7
|
712
|
August 29, 2023
|
|
Mekotio
|
|
2
|
370
|
August 24, 2023
|
|
Parallax Rat
|
|
3
|
328
|
August 14, 2023
|
|
SIG: CloudFlare Tunnel DNS Query For argotunnel.com
|
|
2
|
240
|
August 14, 2023
|
|
DarkCloud
|
|
2
|
429
|
August 9, 2023
|
|
Phemedrone Stealer
|
|
1
|
272
|
August 7, 2023
|
|
Possible FP - JA3 Hash - [Abuse.ch] Possible Adware
|
|
1
|
362
|
August 1, 2023
|
|
PennyWise Stealer - Update on rules
|
|
2
|
432
|
July 28, 2023
|
|
Hydrochasma (Fast Reverse Proxy)
|
|
7
|
605
|
July 27, 2023
|
|
SIGNATURE: MalDoc/Gamaredon CnC: (ADMIN- prepend)
|
|
2
|
326
|
July 27, 2023
|
|
Lazarus APT Backdoor
|
|
5
|
712
|
July 27, 2023
|
|
Rockwell cve 2023-3595 and 2023-3596 signatures
|
|
0
|
664
|
July 20, 2023
|
|
Konni.APT
|
|
1
|
455
|
July 14, 2023
|
|
Possible FP: ET MALWARE Sourtoff Receiving Simda Payload
|
|
4
|
346
|
July 7, 2023
|
|
Mystic Stealer signature
|
|
6
|
687
|
June 28, 2023
|
|
StatusRecorder
|
|
1
|
383
|
June 27, 2023
|
|
ObserverStealer
|
|
5
|
593
|
June 23, 2023
|
|
GoodMorning Ransomware
|
|
7
|
478
|
June 23, 2023
|
|
FPs on new sig 2854494
|
|
2
|
326
|
June 20, 2023
|
|
SIG: MoveIt File Transfer WebShell Interaction
|
|
3
|
746
|
June 13, 2023
|
|
DynamicRAT
|
|
2
|
554
|
June 10, 2023
|
|
Gurcu stealer report outbound
|
|
7
|
428
|
May 30, 2023
|
|
New Signature: MalDoc/Gamaredon CnC Activity
|
|
1
|
206
|
May 19, 2023
|
|
Tracemap checkin
|
|
2
|
232
|
May 19, 2023
|
|
False positive for SID 2015813?: DNS Query Sinkhole Domain
|
|
1
|
336
|
May 15, 2023
|
|
Need a feedback about Kerio Control rule that's blocking the web, domen, even application
|
|
3
|
302
|
May 1, 2023
|