Ruleset Update Summary - 2023/01/11 - v10218


0 new OPEN, 0 new PRO (0 + 0)

The Emerging Threats mailing list is migrating to Discourse. Please visit us at

We will announce the mailing list retirement date in the near future.

Modified active rules:

  • 2026921 - ET ATTACK_RESPONSE PowerShell Execution String Base64 Encoded New-Object (ctT2J) in DNS TXT Response (attack_response.rules)
  • 2043278 - ET MALWARE Observed DNS Query to TA444/Lazarus Domain (concrecapital .com) (malware.rules)