SigmaHQ Rules Release Highlights — r2024-01-15
Jan. 15, 2024, 7 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
https://github.com/SigmaHQ/sigma/releases/tag/r2024-01-15
Sigma Rule Packages for 15-01-2024 are released and available for download. This release saw the addition of 19 new rules, 17 rule updates and 5 rule fixes by 18+ contributors.
New Rules
Some highlights for the newer rules include a detection covering a new LOLBin, “Dotnet-Trace.EXE”, reported by bohops:
title: Binary Proxy Execution Via Dotnet-Trace.EXE
id: 9257c05b-4a4a-48e5-a670-b7b073cf401b
status: experimental
description: Detects commandline arguments for executing a child process via dotnet-trace.exe
references: …