Weekly Community Review - January 20, 2023

Happy Friday! Powered by Free Sig Friday today, we’ve had 120 (!) new Suricata IDS rules added to our ET Open ruleset this week. Let’s take a look at what was shared with us this week to make this happen…

Sigs to enumerate and detect payload requests from the Pyramid framework (SIDs 204307-204315)

Vector Stealer Data Exfil via Telegram, SID 2043289 via @suyog42

Kimsuky C2 activity, SIDs 2043369 and 2043370 created from public post by @ahnlab

SID 2043333, a Qakbot C2 POST activity alert, from @EclecticIQ

Nighthawk server response activity, SID 2043331, from a tip-up from @1ZRR4H

And also a great post on our Discourse, “Vidar Stealer Picks Up Steam!” by our own Isaac Shaughnessy!

Thanks for the great week of collab, community! Enjoy the weekend!
