-
https://www.bleepingcomputer.com/news/security/uhs-hospitals-hit-by-reported-country-wide-ryuk-ransomware-attack/
-
## Description
Cobalt Strike is an offensive security tool that has several loadable modules. One module leverages PsExec commands over the SMB protocol for lateral movement.
This rule will detect…
-
In the world of IR one of the most common things we are facing atm is the large scale ransomware attacks. My team regularly has open engagements for the same threat groups (Maze, DoppelPaymer, Ryuk, R…
-
### Issue URL (Social Widget)
[https://www.xataka.com/seguridad/golpe-a-trickbot-ransomware-ryuk-microsoft-varias-empresas-ciberseguridad-desactivan-mayores-botnets-mundo](https://adguardteam.gith…
-
The first implementation of Yara support allowed multiple rule files to match against a command line. And the runyara.bat appended to the output:
>>> @yara64.exe %1 %2 >> %2.out
Thus when the match…
-
I attempted to query twitter for specific malware types so that I could could tag them in MISP. Is this the correct way to go about this? When the config was much smaller it was correctly tagging. As …
-
Many rules that use the `|contains` modifier specify string values that end with backslashes. Rules that have string values ending in a backslash can be found using this query from the project's root …
-
I used a brand new Ubuntu 16.04 VM from [osboxes](https://www.osboxes.org/ubuntu/) and hosted it in VirtualBox. I cloned the whole repo and installed all dependencies (including built-in python 2.7 in…
-
https://brica.de/alerts/alert/public/1284291/ransomware-attack-causes-school-district-wide-shutdown/
-
https://www.bleepingcomputer.com/news/security/ransomware-attack-causes-school-district-wide-shutdown/