-
Entire file is 8 bytes (APPL????) and is reported as a macOS backdoor:
[ALERT]
FILE: H:\Export\REDACTED\Downloads\SophosInstall\Sophos Installer.app\Contents\PkgInfo SCORE: 100 TYPE: UNKNOWN SIZE:…
-
* Check IOCs
* Import them in MISP
-
The otx_lookup_domain pipeline function seems to expect an IP address, although the function is supposed to use a domain name as its argument.
## Expected Behavior
I wouldn't expect an error message
…
-
Please add support for an exclusion list for each Data Adapter. I'd like to be able to exclude certain internal domains from API & Data lookups with the threat-intel plugins for OTX and others.
-
You probably want to remove 195.22.26.248 from [sinkhole_anubis.txt](https://github.com/stamparm/maltrail/blob/master/trails/static/malware/sinkhole_anubis.txt) as it will generate a lot of false posi…
-
**Elasticsearch version**:
2.4.4
**Moloch version**:
19.2
**OS name and version**:
Windows 7
**How was Moloch built/installed:** (rpm, deb, singlehost built, ...)
deb
**Provide logs, stack tr…
-
Hello,
I am submitting a potential false positive in the IOCs; it may need some tuning.
[ALERT]
FILE: C:\Program Files (x86)\McAfee\VirusScan Enterprise\ScnCfg32.Exe SCORE: 100 TYPE: EXE SIZE: 48488
FIRST_…
-
I have been trying to integrate MISP and OTX so I can import AlienVault OTX pulses to a MISP instance. The documentation that I got does not explain in detail how you do this ( https://otx-misp.re…
-
separate package for alienvault otx lib, currently just copied into our tree
related: AlienVault-Labs/OTX-Python-SDK#11
sebix updated
7 years ago
-
Hello!
### Request Type
Bug
### Work Environment
| Question | Answer
|---------------------------|--------------------
| Cortex Analyzer Name | OTXQuery
| Cortex Analyze…