Attack Detection
@AttackDetection
Attack Detection Team at @ptsecurity
You might like
🚨Suricata Rules Update - Android Threats🚨 New Android-focused network detection rules are now live on rules.ptsecurity.com: • SpyNote • SuperCard X • Konfety • DCHSpy • RedHook • LunaSpy • ClayRAT • Brokewell • some generics #Suricata #AndroidMalware #CyberSecurity
🚨We have added a #Suricata signature for the recent #SharePoint RCE (#CVE-2025-53770, CVE-2025-49706) exploitation attributes to our open ruleset. It detects signs of successful machine key leakage. 🔗Check it out: rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids
🚨We have added new #suricata signatures for the recent #CitrixBleed2 (CVE-2025-5777) vulnerability in our open ruleset. Not only for an attempt, but for detection of a successful exploitation as well Check it out: 👉rules.ptsecurity.com/view/ptopen-al… #cybersecurity #ids #citrix
🚨 Malware Suricata Rules Update Available on rules.ptsecurity.com! 🚨 🛑 Remcos, XWorm RAT 🛑 Stealc v2 Stealer 🛑 Filsh Backdoor 🛑 Andromeda Botnet 🛑 PhantomEnigma Banker (see TI Report global.ptsecurity.com/analytics/pt-e…) #Suricata
🚨 We've added a new signature to our Suricata ruleset for the critical vulnerability CVE-2025-49113 in Roundcube, previously reproduced by @ptswarm. This RCE vulnerability potentially exposes millions of hosts worldwide. Update your rules now: rules.ptsecurity.com #Suricata
🐍 Suricata rules update ! We’ve added detections for newly disclosed RCE vulns: - Apache Tomcat (CVE-2025-24813) - Ingress NGINX (CVE-2025-1974) 🆕 Detects for tunnel services (tunnelto, Telebit, Pinggy), Rclone and AdaptixC2 activity. See full list → rules.ptsecurity.com
We're dropping a massive malware signature update 🎭 Highlights: RustyNet loader, WorldWind stealer, Slam RAT, nasty XWorm, SpyNote, Hydra, Zanubis ...and plenty more! 🔗 rules.ptsecurity.com
Guess who's back? 🎉 Our Suricata ruleset has found a new home at rules.ptsecurity.com! Enable source ptrules/open in Suricata-Update to stay ahead of threats.
Spring Core RCE 0day aka Spring4Shell came out recently. Detect exploitation attempts with our #suricata rule: github.com/ptresearch/Att…
One can get #Zabbix panel admin rights in one request with CVE-2022-23131. But you can detect it easily with our #suricata rule. We worked on possible rule bypasses and false positive rate github.com/ptresearch/Att…
Good: Use our #suricata rules to detect malicious attempts of the new CVE-2021-41773 #Apache HTTP Server dir traversal. Better: Patch your apache The best: Do both! github.com/ptresearch/Att…
🔥 We have reproduced the fresh CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49. If files outside of the document root are not protected by "require all denied" these requests can succeed. Patch ASAP! httpd.apache.org/security/vulne…
How to get a system shell on any windows version? Use #SystemNightmare exploit. How to detect SystemNightmare usage in a network? Use our rules! Oh, here they are: github.com/ptresearch/Att…
We released rules for #suricata in order to detect exploitation of a new vuln #PetitPotam. Also detection of a successful attempt inside: github.com/ptresearch/Att…
Hi all, MS-RPRN to coerce machine authentication is great but the service is often disabled nowadays by admins on most orgz. Here is one another way we use to elicit machine account auth via MS-EFSRPC. Enjoy!! :) github.com/topotam/PetitP…
Use our #suricata rules to detect both #PrintNightmare (CVE-2021-1675) exploits. Adding printer driver across the network is rare but still possible case, so there might be a few of false alerts. Tell us if you get some. github.com/ptresearch/Att…
xfreerdp software in your network? It might be some malicious activity! Detect it with our #suricata rule, works for security level rdp only. Good for some other open source clients as well. github.com/ptresearch/Att…
Open letter to the research community ptsecurity.com/ww-en/about/ne…
United States Trends
- 1. Cloudflare 207K posts
- 2. Gemini 3 22.7K posts
- 3. #AcousticPianoCollection N/A
- 4. Piggy 52.3K posts
- 5. Olivia Dean 4,098 posts
- 6. Taco Tuesday 14.3K posts
- 7. Saudi 114K posts
- 8. Good Tuesday 35K posts
- 9. #tuesdayvibe 3,044 posts
- 10. Anthropic 8,328 posts
- 11. #ONEPIECE1166 4,174 posts
- 12. Salman 28.2K posts
- 13. Sam Leavitt N/A
- 14. jeonghan 92.6K posts
- 15. Gary Sinise 6,387 posts
- 16. Muslim Brotherhood and CAIR 2,581 posts
- 17. seungkwan 25.4K posts
- 18. Brian Walshe N/A
- 19. Passan N/A
- 20. Siri 14.9K posts
You might like
-
SpecterOps
@SpecterOps -
Olaf Hartong
@olafhartong -
RedDrip Team
@RedDrip7 -
Seongsu Park
@unpacker -
Panos Gkatziroulis 🦄
@netbiosX -
Suricata IDS/IPS
@Suricata_IDS -
Snort 🐷
@snort -
ExecuteMalware
@executemalware -
CAPE Sandbox
@CapeSandbox -
Ring3API 🇺🇦
@ntlmrelay -
Stamus Networks
@StamusN -
ET Labs
@ET_Labs -
pevma
@pevma -
Matthew Dunwoody
@matthewdunwoody -
OISF
@OISFoundation
Something went wrong.
Something went wrong.