Mastouille

2 messages2 participants0 message aujourd’hui

E-TARD The LifeCasterI got my new <a href="https://mastodon.online/tags/OPNsense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OPNsense</a> Router all built & OPNsense is installed. WoW OPNsense is cool but crazy deep. It's going to take a little time for me to learn OPNsense, so I will not be using it just yet. I'm also finding out how little I know about FreeBSD. I have played with <a href="https://mastodon.online/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeBSD</a> & <a href="https://mastodon.online/tags/NetBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetBSD</a> here & there over many years but I never ran any BSD on my systems(Last time I was on a FreeBSD system was 2013). Yes FreeBSD people this is where you LOL at the <a href="https://mastodon.online/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> guy🐧 I plan to run <a href="https://mastodon.online/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> & <a href="https://mastodon.online/tags/Zenarmor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Zenarmor</a>

SuricataSuricata 8 is here! Curious to hear all about what’s new with this release? Tune in below to see what longtime Suricata developer, <a href="https://infosec.exchange/@ish" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ish</a> has to say about his favorite features and what support Suricata is looking for from the community. <a href="https://www.youtube.com/watch?v=QzfrIflsEJw" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=QzfrIflsEJw</a><a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/Suricata8" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata8</a>

SuricataWe're very excited to announce the release of Suricata 8.0.0! 🎉We're proud of our OISF team and our great community, who contributes with code, tests, feedback... Thank you all!🔸Get the release: <a href="https://www.openinfosecfoundation.org/download/suricata-8.0.0.tar.gz" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openinfosecfoundation.org/download/suricata-8.0.0.tar.gz</a>Read more: <a href="https://forum.suricata.io/t/suricata-8-0-0-released" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.suricata.io/t/suricata-8-0-0-released</a><a href="https://infosec.exchange/tags/Suricata8" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata8</a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a>

Victor JulienDid you know <a href="https://mastodon.social/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> has a newsletter now? You can read it online here: <a href="https://newsletter.suricata.io/posts/2025-06/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://newsletter.suricata.io/posts/2025-06/</a>To get it by email you can subscribe at the bottom of the page.

CrowdSec▶️ Register now for an upcoming webinar on boosting your cybersecurity defense with Suricata and CrowdSec! Join our Ambassador Flaviu Vlaicu as he guides you through setting up Suricata and CrowdSec with Pushover notifications. You’ll also learn some best practices for deployment and management of these tools. 📅 June 5th at 4:30 PM CEST Save your seat: <a href="https://app.livestorm.co/crowdsec/proactive-defense-crowdsec-suricata" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://app.livestorm.co/crowdsec/proactive-defense-crowdsec-suricata</a><a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/webinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webinar</a>

SuricataWe are pleased to announce our beta version of the Suricata 8.0 release! We want to share the main work we’ll be releasing soon so you can check and test it out, offer feedback, and share your thoughts before the release of Suricata 8.0.0, which is planned for July 8, 2025.Get the release, test it, send feedback: 🔸 8.0.0-beta1: <a href="https://www.openinfosecfoundation.org/download/suricata-8.0.0-beta1.tar.gz" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openinfosecfoundation.org/download/suricata-8.0.0-beta1.tar.gz</a>Release notes: <a href="https://forum.suricata.io/t/suricata-8-0-0-beta1-released" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.suricata.io/t/suricata-8-0-0-beta1-released</a><a href="https://infosec.exchange/tags/suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#suricata</a>-8-0-beta1-release

SuricataWe'll be bringing back our awesome <a href="https://infosec.exchange/tags/SuricataTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SuricataTips</a>! :DIt’s time for a <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> tip of the month - with vintage logos! :P We’ll be sharing <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tips</a> and <a href="https://infosec.exchange/tags/tricks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tricks</a> to get you more easily acquainted with Suricata - Be sure to keep these in your repository for when you’re in a jam!<a href="https://infosec.exchange/tags/DidYouKnow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DidYouKnow</a> `-S` flag can be used to load any signature file exclusively

Sekoia.ioThe analysis reveals I2PRAT as an emerging threat with activity noted from October 2024 to January 2025. As part of the investigation and within our mission to enhance cyber threat <a href="https://infosec.exchange/tags/detection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#detection</a>, we also share some <a href="https://infosec.exchange/tags/Sigma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sigma</a> and <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> detection rules! <a href="https://github.com/SEKOIA-IO/Community/tree/main/IOCs/I2PRAT" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/SEKOIA-IO/Community/tree/main/IOCs/I2PRAT</a>

da_667Hey Hey People,DA Here.Do you, have a Suricata sensor in your network?Do you, use Suricata as a part of sandbox that you run?Have you, been hammering away at finding evil, and want to find more?I'm doing a webinar courtesy of OISF this Thursday. 3PM UTC, which translates to 10am EST.I'll be talking about two things during this meeting: One, is making good use of the ET INFO rule category as an early warning system.Sure, there is a lot of noise to sift out of ET INFO, and for that reason, some choose to just cut it entirely. I'm here to show you how to grab the stuff we've seen in our sandboxes that can help to lead anomaly detection.In the second part of this talk, I will talk about how you can convert network and system-specific artifacts into a set of Honeytoken-like IDS rules that again, can lead to anomaly detection, and perhaps even catching advanced or unidentified threats.Here is a link to register for the meeting: <a href="https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration</a><a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/EmergingThreats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EmergingThreats</a> <a href="https://infosec.exchange/tags/DetectionEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DetectionEngineering</a> <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatHunting</a> <a href="https://infosec.exchange/tags/OISF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OISF</a> <a href="https://infosec.exchange/tags/AnomalyDetection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AnomalyDetection</a>

SuricataJoin us in watching Tony Robinson’s (<a href="https://infosec.exchange/@da_667" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@da_667</a>) webinar this Thursday, January 9th, at 3 PM UTC on “Honeytoken IDS rules & ET INFO Rules for Anomaly Detection.” This talk is going to focus on ways to spot anomalous activity for threats that may or may not have specific signatures.There's still time to register: <a href="https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration</a><a href="https://infosec.exchange/tags/FreeWebinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeWebinar</a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/SuricataWebinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SuricataWebinar</a>

SuricataOn January 9, Suricata webinars are back! 🎉 Join Tony Robinson’s ( <a href="https://infosec.exchange/@da_667" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@da_667</a> ) on January 9th at 10 AM EST - for a post-SuriCon talk: “Honeytoken IDS rules & ET INFO Rules for Anomaly Detection.”This talk is going to focus on ways to spot anomalous activity for threats that may or may not have specific signatures. Register! <a href="https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://us02web.zoom.us/webinar/register/WN_MJogFww8S4mIpEOctaTZlw#/registration</a><a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/Webinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Webinar</a>

da_667Just saw this pop up in my feed. <a href="https://any.run/cybersecurity-blog/phantomloader-and-ssload-analysis/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://any.run/cybersecurity-blog/phantomloader-and-ssload-analysis/</a>thanks <a href="https://infosec.exchange/@screaminggoat" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@screaminggoat</a> SSLoad currently doesn't use SSL for C2 Comms, opting for HTTP check-in, and key-exchange, before using a private key to encrypt tasking traffic.We got you covered. Check out the following Suricata sids:2047702 + 2047703 (External IP lookip to ipify.org) -- this isn't necessarily SSLoad activity, but the use of IP address lookup services is very common with most strains of malware2052098 - SSLoad Initial Registration 2052169 - SSLoad Registration Response 2052099 - SSLoad Tasking Request<a href="https://infosec.exchange/tags/SSLoad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSLoad</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/Snort" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Snort</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a>

EmergingThreatsThe ET Team is proud to announce our support for <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> 7.0.3 with a newly updated and uplifted ruleset! Learn more here:<a href="https://community.emergingthreats.net/t/announcing-support-for-suricata-7-0-3/1735" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://community.emergingthreats.net/t/announcing-support-for-suricata-7-0-3/1735</a>

SuricataHappening now our workshop about malware traffic analysis using <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a>, with <a href="https://infosec.exchange/@jufajardini" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jufajardini</a> and <a href="https://bird.makeup/users/lukassismis" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@lukassismis</a> at <a href="https://fosstodon.org/@devconf_cz" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@devconf_cz</a> :) And So happy to see our <a href="https://hachyderm.io/@outreachy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@outreachy</a> alumni Haleema Khan and Modupe Falodun here with us <3

Victor JulienIf you have some <a href="https://mastodon.social/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> related research or project to share, please consider submitting a talk to the next <a href="https://mastodon.social/tags/Suricon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricon</a> in Madrid:<a href="https://suricon.net/call-for-talks/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://suricon.net/call-for-talks/</a>

Seth GroverI'm pleased to be able to share some overview videos for <a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a>, a powerful, easily deployable network traffic analysis tool suite. Together, these overview videos provide a brief introduction to Malcolm and some of its main components: OpenSearch Dashboards, Arkime, and NetBox. These videos were produced with funding from DHS CISA as part of an ongoing capabilities development pilot project.<a href="https://www.youtube.com/playlist?list=PLJg-83nW7AjOcSEiVMc4mODs4LzfVAwwN" rel="nofollow noopener noreferrer" target="_blank">Malcolm Overview Videos</a> on YouTube<a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malcolm</a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HedgehogLinux</a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Zeek</a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Arkime</a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetBox</a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSearch</a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Elasticsearch</a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PCAP</a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetworkTrafficAnalysis</a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networksecuritymonitoring</a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OT</a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#icssecurity</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyber</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#INL</a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DHS</a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISAgov</a>

da_667big hand to foxit for publishing their work pertaining to blister loader. Made a lot of sigs pertaining their cobalt strike and mythic C2 profiles. Those should be released tonight <a href="https://infosec.exchange/tags/Snort" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Snort</a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> <a href="https://infosec.exchange/tags/BlisterLoader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BlisterLoader</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a><a href="https://blog.fox-it.com/2023/11/01/popping-blisters-for-research-an-overview-of-past-payloads-and-exploring-recent-developments/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.fox-it.com/2023/11/01/popping-blisters-for-research-an-overview-of-past-payloads-and-exploring-recent-developments/</a>

SuricataHello, Mastodon world and InfoSec community around!We are Suricata, the <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> network monitoring and security tool (and more!) maintained by OISF.Here we will be sharing <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> news such as releases, upcoming webinars and trainings, SuriCon updates, and events we're attending, as well interesting tips and bits we see from our community, and, on the wonderful occasions when the team meets, meerkat pics and gifs. :DTo start, we want to celebrate here the much-anticipated release of Suricata 7. It's been out for a couple of weeks, and 7.0.1 is close by, so if you have been waiting to update, get ready.Release notes: <a href="https://forum.suricata.io/t/suricata-7-0-0-released" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.suricata.io/t/suricata-7-0-0-released</a>Feel free to tag us on Suricata-related topics and tools. :)

Victor Julien<a href="https://mastodon.social/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Suricata</a> 7 released!<a href="https://forum.suricata.io/t/suricata-7-0-0-released/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.suricata.io/t/suricata-7-0-0-released/</a>

JSkier :archlinux: :debian:<a href="https://thisis.mylegendary.quest/users/twizzay" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@twizzay</a> oh, and IDS <a href="https://social.linux.pizza/tags/suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#suricata</a> language server, it's super slick. I'm sure I would have a stroke if I knew all the data M$ was harvesting on me 😳

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#suricata