Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
YARA IoC Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
YARA IoC related posts
-
Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
-
Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
-
Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
-
OneNote Yara rule
-
What are your go-to websites to read cybersecurity news in 2023?
-
New Exchange Zero Day rumours [29th September]
-
Open source tools and DFIR Tryhackme equivalents
-
A note from our sponsor - InfluxDB
www.influxdata.com | 4 May 2024
Index
Project | Stars | |
---|---|---|
1 | signature-base | 2,337 |
2 | malware-ioc | 1,502 |
Sponsored