Happy Friday! Powered by Free Sig Friday, 120 (!) new Suricata IDS rules were added to our ET Open ruleset this week. Let's take a look at what was shared with us this week to make this happen…
Sigs to enumerate and detect payload requests from the Pyramid framework (SIDs 204307-204315)
Vector Stealer Data Exfil via Telegram, SID 2043289 via @suyog42
Kimsuky C2 activity, SIDs 2043369 and 2043370 created from public post by @ahnlab
SID 2043333, a Qakbot C2 POST activity alert, from @EclecticIQ
Nighthawk server response activity, SID 2043331, from a tip-up from @1ZRR4H
And also a great post on our Discourse, “Vidar Stealer Picks Up Steam!” by our own Isaac Shaughnessy!
Thanks for the great week of collab, community! Enjoy the weekend!