Snort mailing list archives
Re: Snort sigs for BlackEnergy v3 / lite
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Fri, 10 Oct 2014 17:50:39 +0000
David, Yes. We are working on this issue currently. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos
On Oct 10, 2014, at 10:57 AM, waldo kitty <wkitty42 () windstream net> wrote: On 10/10/2014 9:23 AM, David Bryant wrote:Are there any signatures to detect the newer variants of BlackEnergy (i.e. v3 / lite) or any being written other than from Emerging Threats? I did not see any from Sourcefire VRT, but thought I'd ask in case I missed them or they are under a different name.please don't hijack an existing thread for a new topic... many who might be able to help might have that thread blocked and would miss your post... you should post your topic as a new message to get the widest viewing... https://github.com/vrtadmin/snort-faq/blob/master/Lists/What-is-the-mailing-list-nettiquete.md i can't help with your question... maybe others can if/when they find your new topic... -- NOTE: No off-list assistance is given without prior approval. Please *keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Attachment:
smime.p7s
Description:
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort sigs for BlackEnergy v3 / lite David Bryant (Oct 10)
- Re: Snort sigs for BlackEnergy v3 / lite waldo kitty (Oct 10)
- Re: Snort sigs for BlackEnergy v3 / lite Joel Esler (jesler) (Oct 10)
- Re: Snort sigs for BlackEnergy v3 / lite waldo kitty (Oct 10)