Attack Detection
@AttackDetection
Attack Detection Team at @ptsecurity
قد يعجبك
🚨Suricata Rules Update - Android Threats🚨 New Android-focused network detection rules are now live on rules.ptsecurity.com: • SpyNote • SuperCard X • Konfety • DCHSpy • RedHook • LunaSpy • ClayRAT • Brokewell • some generics #Suricata #AndroidMalware #CyberSecurity
🚨We have added a #Suricata signature for the recent #SharePoint RCE (#CVE-2025-53770, CVE-2025-49706) exploitation attributes to our open ruleset. It detects signs of successful machine key leakage. 🔗Check it out: rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids
🚨We have added new #suricata signatures for the recent #CitrixBleed2 (CVE-2025-5777) vulnerability in our open ruleset. Not only for an attempt, but for detection of a successful exploitation as well Check it out: 👉rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids #citrix
🚨 Malware Suricata Rules Update Available on rules.ptsecurity.com! 🚨 🛑 Remcos, XWorm RAT 🛑 Stealc v2 Stealer 🛑 Filsh Backdoor 🛑 Andromeda Botnet 🛑 PhantomEnigma Banker (see TI Report global.ptsecurity.com/analytics/pt-e…) #Suricata
🚨 We've added a new signature to our Suricata ruleset for the critical vulnerability CVE-2025-49113 in Roundcube, previously reproduced by @ptswarm. This RCE vulnerability potentially exposes millions of hosts worldwide. Update your rules now: rules.ptsecurity.com #Suricata
🐍 Suricata rules update ! We’ve added detections for newly disclosed RCE vulns: - Apache Tomcat (CVE-2025-24813) - Ingress NGINX (CVE-2025-1974) 🆕 Detects for tunnel services (tunnelto, Telebit, Pinggy), Rclone and AdaptixC2 activity. See full list → rules.ptsecurity.com
We're dropping a massive malware signature update 🎭 Highlights: RustyNet loader, WorldWind stealer, Slam RAT, nasty XWorm, SpyNote, Hydra, Zanubis ...and plenty more! 🔗 rules.ptsecurity.com
Guess who's back? 🎉 Our Suricata ruleset has found a new home at rules.ptsecurity.com! Enable source ptrules/open in Suricata-Update to stay ahead of threats.
Spring Core RCE 0day aka Spring4Shell came out recently. Detect exploitation attempts with our #suricata rule: github.com/ptresearch/Att…
One can get #Zabbix panel admin rights in one request with CVE-2022-23131. But you can detect it easily with our #suricata rule. We worked on possible rule bypasses and false positive rate github.com/ptresearch/Att…
Good: Use our #suricata rules to detect malicious attempts of the new CVE-2021-41773 #Apache HTTP Server dir traversal. Better: Patch your apache The best: Do both! github.com/ptresearch/Att…
🔥 We have reproduced the fresh CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49. If files outside of the document root are not protected by "require all denied" these requests can succeed. Patch ASAP! httpd.apache.org/security/vulne…
How to get a system shell on any windows version? Use #SystemNightmare exploit. How to detect SystemNightmare usage in a network? Use our rules! Oh, here they are: github.com/ptresearch/Att…
We released rules for #suricata in order to detect exploitation of a new vuln #PetitPotam. Also detection of a successful attempt inside: github.com/ptresearch/Att…
Hi all, MS-RPRN to coerce machine authentication is great but the service is often disabled nowadays by admins on most orgz. Here is one another way we use to elicit machine account auth via MS-EFSRPC. Enjoy!! :) github.com/topotam/PetitP…
Use our #suricata rules to detect both #PrintNightmare (CVE-2021-1675) exploits. Adding printer driver across the network is rare but still possible case, so there might be a few of false alerts. Tell us if you get some. github.com/ptresearch/Att…
xfreerdp software in your network? It might be some malicious activity! Detect it with our #suricata rule, works for security level rdp only. Good for some other open source clients as well. github.com/ptresearch/Att…
Open letter to the research community ptsecurity.com/ww-en/about/ne…
United States الاتجاهات
- 1. D’Angelo 299K posts
- 2. Young Republicans 15.8K posts
- 3. #PortfolioDay 17.4K posts
- 4. Pentagon 110K posts
- 5. Politico 176K posts
- 6. Presidential Medal of Freedom 66.7K posts
- 7. Brown Sugar 21.4K posts
- 8. Angie Stone 34.7K posts
- 9. Big 12 N/A
- 10. Drew Struzan 30.1K posts
- 11. David Bell N/A
- 12. Scream 5 N/A
- 13. Black Messiah 11.2K posts
- 14. Venables 3,842 posts
- 15. Soybeans 5,761 posts
- 16. Milei 279K posts
- 17. NHRA N/A
- 18. Merino 16.2K posts
- 19. World Cup 355K posts
- 20. VPNs 1,560 posts
قد يعجبك
-
SpecterOps
@SpecterOps -
Olaf Hartong
@olafhartong -
RedDrip Team
@RedDrip7 -
Seongsu Park
@unpacker -
Panos Gkatziroulis 🦄
@netbiosX -
Suricata IDS/IPS
@Suricata_IDS -
Snort 🐷
@snort -
ExecuteMalware
@executemalware -
CAPE Sandbox
@CapeSandbox -
Ring3API 🇺🇦
@ntlmrelay -
Stamus Networks
@StamusN -
ET Labs
@ET_Labs -
pevma
@pevma -
OISF
@OISFoundation -
Andrew Case
@attrc
Something went wrong.
Something went wrong.