Attack Detection
@AttackDetection
Attack Detection Team at @ptsecurity
🚨Suricata Rules Update - Android Threats🚨 New Android-focused network detection rules are now live on rules.ptsecurity.com: • SpyNote • SuperCard X • Konfety • DCHSpy • RedHook • LunaSpy • ClayRAT • Brokewell • some generics #Suricata #AndroidMalware #CyberSecurity
🚨We have added a #Suricata signature for the recent #SharePoint RCE (#CVE-2025-53770, CVE-2025-49706) exploitation attributes to our open ruleset. It detects signs of successful machine key leakage. 🔗Check it out: rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids
🚨We have added new #suricata signatures for the recent #CitrixBleed2 (CVE-2025-5777) vulnerability in our open ruleset. Not only for an attempt, but for detection of a successful exploitation as well. Check it out: 👉rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids #citrix
🚨 Malware Suricata Rules Update Available on rules.ptsecurity.com! 🚨 🛑 Remcos, XWorm RAT 🛑 Stealc v2 Stealer 🛑 Filsh Backdoor 🛑 Andromeda Botnet 🛑 PhantomEnigma Banker (see TI Report global.ptsecurity.com/analytics/pt-e…) #Suricata
🚨 We've added a new signature to our Suricata ruleset for the critical vulnerability CVE-2025-49113 in Roundcube, previously reproduced by @ptswarm. This RCE vulnerability potentially exposes millions of hosts worldwide. Update your rules now: rules.ptsecurity.com #Suricata
🐍 Suricata rules update! We’ve added detections for newly disclosed RCE vulns: - Apache Tomcat (CVE-2025-24813) - Ingress NGINX (CVE-2025-1974) 🆕 Detections for tunnel services (tunnelto, Telebit, Pinggy), Rclone and AdaptixC2 activity. See full list → rules.ptsecurity.com
We're dropping a massive malware signature update 🎭 Highlights: RustyNet loader, WorldWind stealer, Slam RAT, nasty XWorm, SpyNote, Hydra, Zanubis ...and plenty more! 🔗 rules.ptsecurity.com
Guess who's back? 🎉 Our Suricata ruleset has found a new home at rules.ptsecurity.com! Enable source ptrules/open in Suricata-Update to stay ahead of threats.
Spring Core RCE 0day aka Spring4Shell came out recently. Detect exploitation attempts with our #suricata rule: github.com/ptresearch/Att…
One can get #Zabbix panel admin rights in one request with CVE-2022-23131. But you can detect it easily with our #suricata rule. We worked on possible rule bypasses and false positive rate github.com/ptresearch/Att…
Good: Use our #suricata rules to detect malicious attempts of the new CVE-2021-41773 #Apache HTTP Server dir traversal. Better: Patch your apache. The best: Do both! github.com/ptresearch/Att…
🔥 We have reproduced the fresh CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49. If files outside of the document root are not protected by "require all denied" these requests can succeed. Patch ASAP! httpd.apache.org/security/vulne…
How to get a system shell on any windows version? Use #SystemNightmare exploit. How to detect SystemNightmare usage in a network? Use our rules! Oh, here they are: github.com/ptresearch/Att…
We released rules for #suricata in order to detect exploitation of a new vuln #PetitPotam. Also detection of a successful attempt inside: github.com/ptresearch/Att…
Hi all, MS-RPRN to coerce machine authentication is great but the service is often disabled nowadays by admins on most orgz. Here is another way we use to elicit machine account auth via MS-EFSRPC. Enjoy!! :) github.com/topotam/PetitP…
Use our #suricata rules to detect both #PrintNightmare (CVE-2021-1675) exploits. Adding a printer driver across the network is a rare but still possible case, so there might be a few false alerts. Tell us if you get some. github.com/ptresearch/Att…
xfreerdp software in your network? It might be some malicious activity! Detect it with our #suricata rule, works for security level rdp only. Good for some other open source clients as well. github.com/ptresearch/Att…