Weekly Detection Rule (YARA and Snort) Information – Week 2, September 2024
The following is the information on Yara and Snort rules (Week 2, September 2024 ) collected and shared by the AhnLab TIP service.
- 5 YARA Rules
| Detection name | Description | Source |
|---|---|---|
| PK_antai_inun | Phishing Kit impersonating French ANTAI (amendes) portal | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_Kraken_ankletee | Phishing Kit impersonating Kraken | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_O365_spamfather2 | Phishing Kit impersonating Office 365 | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_SocieteGenerale_satan2 | Phishing Kit impersonating Societe Generale | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_Telstra_mengunjungi | Phishing Kit impersonating Telstra | https://github.com/t4d/PhishingKit-Yara-Rules |
- 2 Snort Rules
| Detection name | Source |
|---|---|
| ET WEB_SPECIFIC_APPS Ivanti Virtual Traffic Manager Authentication Bypass Attempt (CVE-2024-7593) | https://rules.emergingthreatspro.com/open/ |
| ET WEB_SPECIFIC_APPS D-Link DIR-859 Information Disclosure Attempt (CVE-2024-07969) | https://rules.emergingthreatspro.com/open/ |
