all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Test code block

Add to bookmarks
Feb. 2, 2024, midnight | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news


The following Falco rule will detect the affected container runtimes trying to change the directory to a proc file descriptor, which isn’t normal activity.  This rule should be considered experimental and can be used in OSS Falco and Sysdig Secure as a custom rule.


- rule: Suspicious Chdir Event Detected
  desc: Detects a process changing a directory using a proc-based file descriptor.  
  condition: >
    evt.type=chdir and evt.dir=< and evt.rawres=0 and evt.arg.path startswith "/proc/self/fd/" 
  output: >
    Suspicious Chdir event detected, executed …

block can change changing code container detect directory event falco file isn normal oss proc process sysdig sysdig secure test

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Update: file-magic.py Version 0.0.8 14 hours ago | malware.news
article didier didier stevens file +11
Ticketmaster confirms customer data breach 17 hours ago | malware.news
breach cloud cloud database customer +18
What the Biggest-Ever Botnet Takedown Means 1 day, 14 hours ago | malware.news
botnet distribution financial industrial +5
Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks 1 day, 15 hours ago | malware.news
access attacks authentication cloud +22
OpenAI report reveals threat actors using ChatGPT in influence operations 1 day, 16 hours ago | malware.news
article campaigns chatgpt disruption +12
Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud 1 day, 16 hours ago | malware.news
android android app app bahrain +17
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 17 hours ago | malware.news
article attacks bugs fastly +11
Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 17 hours ago | malware.news
article attack board breach +17
Vulnerability impacting Check Point Network Security Gateways (CVE-2024-24919) 1 day, 18 hours ago | malware.news
article canadian canadian centre for cyber security check +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Systems Security Manager

@ Bank of America | USA, MD, Fort Meade (6910 Cooper Ave)
View on infosec-jobs.com

Security Engineer

@ EY | Bengaluru, KA, IN, 560048
View on infosec-jobs.com