APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/blueteamsec
#Signature #yara-rules #Yara #IoC #Scanner

Our great sponsors
  • Scout APM - Less time debugging, more time building
  • SonarLint - Deliver Cleaner and Safer Code - Right in Your IDE of Choice!
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • signature-base

    Signature base for my scanner tools

    Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar

  • Loki

    Loki - Simple IOC and Incident Response Scanner (by Neo23x0)

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts