Snort mailing list archives
MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt" rule being fired
From: Daniel <dky.swe () gmail com>
Date: Thu, 31 Mar 2016 08:34:35 +0200
Hi all, Since a few days ago, we have the "MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt" rule being fired on what to seems to be ICMP pings from a Nagios server. I can provide pcap file if anyone from the Talos team (or others) want to look at it. Contact me then. Best Regards, Daniel
------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt" rule being fired Daniel (Mar 30)
- Re: MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt" rule being fired Joel Esler (jesler) (Mar 31)