Greetings all! At the end of this first week of January we’d like to start a new weekly message about the impact the community has had on our efforts within the ET Open ruleset! During this short week we had 77(!) rules created in ET Open thanks to the fine efforts of our community and its contributors!
As a reminder, there are many ways to reach out to us with a tip on an interesting hash, article, or detection logic you’ve created: on Twitter, on Discourse, on our mailing list via support[at]emergingthreats[dot]net, or on our Discord (hit us up via DM for an invite!). Many of this week’s contributions came via these methods. For example:
PyTorch discloses malicious dependency chain compromise over holidays (SIDs 2043204 & 2043205)
https://twitter.com/ViriBack/status/1610470920426258432?s=20&t=NAjqg3viGv1JWVRu8mOOPw (SIDs 2043221-2043225)
RedLine Stealer beacon (a community post where previously PRO detection logic was moved to Open via the contributions of a community member!)
ViperSoftX C2 domains (SIDs 2043218 & 2043219)
and twitter.com/James_inthe_box/status/1572676263462174721 (SIDs 2043175 & 2043176)
A reminder: these rules, which are tested with as much fidelity as our ‘paid’ rules, are provided in as timely a manner as possible, which is as soon as the detection logic can be created and tested in QA.
Thanks again to the community for their contributions and we look forward to more collaboration throughout 2023!