SaaSHub helps you find the best software and product alternatives Learn more →
YARA Signature Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
YARA Signature related posts
-
Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
-
Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
-
Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
-
OneNote Yara rule
-
New Exchange Zero Day rumours [29th September]
-
Nvidia Breach
-
Evidence of a log4j attack found - Now what?
-
A note from our sponsor - SaaSHub
www.saashub.com | 1 Jun 2024
Index
Project | Stars | |
---|---|---|
1 | signature-base | 2,359 |
Sponsored