Ruleset Update Summary - 2024/07/16 - v10646

rulesbot · July 16, 2024, 8:30pm

Summary:

15 new OPEN, 20 new PRO (15 + 5)

Thanks @naumovax

2054500 - ET MALWARE Patchwork APT Victim Registration (malware.rules)
2054501 - ET MALWARE Patchwork APT CnC Activity (starget) (malware.rules)
2054502 - ET MALWARE Patchwork APT Host Details Exfil (malware.rules)
2054503 - ET MALWARE Patchwork APT CnC Activity (uuiddsd) (malware.rules)
2054504 - ET MALWARE Patchwork APT CnC Activity (umnome) (malware.rules)
2054505 - ET MALWARE Patchwork APT Malformed HTTP Request (malware.rules)
2054506 - ET MALWARE Patchwork APT Malformed HTTP Request CnC Response (malware.rules)
2054507 - ET MALWARE Patchwork CnC Domain in DNS Lookup (xinhuanet .nihaoucloud .org) (malware.rules)
2054508 - ET MALWARE Patchwork CnC Domain in DNS Lookup (centling .nihaoucloud .org) (malware.rules)
2054509 - ET MALWARE Patchwork CnC Domain in DNS Lookup (weibo .nihaoucloud .org) (malware.rules)
2054510 - ET MALWARE Patchwork CnC Domain in DNS Lookup (hengtian .nihaoucloud .org) (malware.rules)
2054511 - ET MALWARE Observed Patchwork Domain (xinhuanet .nihaoucloud .org in TLS SNI) (malware.rules)
2054512 - ET MALWARE Observed Patchwork Domain (centling .nihaoucloud .org in TLS SNI) (malware.rules)
2054513 - ET MALWARE Observed Patchwork Domain (weibo .nihaoucloud .org in TLS SNI) (malware.rules)
2054514 - ET MALWARE Observed Patchwork Domain (hengtian .nihaoucloud .org in TLS SNI) (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/04/14 - v10298 Ruleset Updates	352	April 14, 2023
Ruleset Update Summary - 2023/09/05 - v10410 Ruleset Updates	286	September 5, 2023
Ruleset Update Summary - 2024/03/07 - v10547 Ruleset Updates	282	March 7, 2024
Ruleset Update Summary - 2023/07/18 - v10374 Ruleset Updates	230	July 18, 2023
Ruleset Update Summary - 2023/04/27 - v10309 Ruleset Updates	287	April 27, 2023