Latest Suricata Rules
SID: 2069998
et/open
ET EXPLOIT_KIT Balada Javascript Inject Observed
Jun 17, 2026
SID: 2069997
et/open
ET INFO DYNAMIC_DNS HTTP Request to a *.juk .fi domain
Jun 17, 2026
SID: 2069996
et/open
ET INFO DYNAMIC_DNS Query to a *.juk .fi domain
Jun 17, 2026
SID: 2069995
et/open
ET EXPLOIT_KIT ClearFake Domain in TLS SNI (animal-zoo-lake .com)
Jun 17, 2026
SID: 2069994
et/open
ET EXPLOIT_KIT ClearFake Domain in DNS Lookup (animal-zoo-lake .com)
Jun 17, 2026
SID: 2069993
et/open
ET EXPLOIT_KIT LandUpdate808 Domain in TLS SNI (corraia .icu)
Jun 17, 2026
SID: 2069992
et/open
ET EXPLOIT_KIT LandUpdate808 Domain in DNS Lookup (corraia .icu)
Jun 17, 2026
SID: 2069991
et/open
ET MALWARE RevStealer Ping (Keep-Alive)
Jun 17, 2026
SID: 2069990
et/open
ET MALWARE RevStealer dl_exec Command from C2
Jun 17, 2026
SID: 2069989
et/open
ET MALWARE RevStealer Sync Request
Jun 17, 2026
SID: 2069988
et/open
ET MALWARE RevStealer Data Exfiltration Attempt M2
Jun 17, 2026
SID: 2069987
et/open
ET WEB_SPECIFIC_APPS TOTOLINK N300RH Stack-based Buffer Overflow (CVE-2026-10187)
Jun 17, 2026
SID: 2069986
et/open
ET MALWARE RevStealer Data Exfiltration Attempt M1
Jun 17, 2026
SID: 2069985
et/open
ET MALWARE RevStealer CnC Checkin
Jun 17, 2026
SID: 2069984
et/open
ET WEB_SPECIFIC_APPS Jenkins Script Security Plugin Sandbox Bypass (CVE-2019-1003000)
Jun 17, 2026
SID: 2069983
et/open
ET WEB_SPECIFIC_APPS Jenkins Stapler Web Framework Remote Code Execution (CVE-2018-1000861)
Jun 17, 2026
SID: 2069982
et/open
ET MALWARE Observed RevStealer Domain (proxy .willowfleet .click in TLS SNI)
Jun 17, 2026
SID: 2069981
et/open
ET WEB_SPECIFIC_APPS Jenkins GitHub Plugin SSRF (CVE-2018-1000600)
Jun 17, 2026
SID: 2069980
et/open
ET MALWARE RevStealer Related Domain in DNS Lookup (proxy .willowfleet .click)
Jun 17, 2026
SID: 2069979
et/open
ET WEB_SPECIFIC_APPS Atlassian Jira makeRequest SSRF (CVE-2019-8451)
Jun 17, 2026
SID: 2069978
et/open
ET WEB_SPECIFIC_APPS Atlassian Jira iconUriServlet SSRF (CVE-2017-9506)
Jun 17, 2026
SID: 2069977
et/open
ET WEB_SPECIFIC_APPS Oracle PeopleSoft Apache Axis API XML Comment Injection
Jun 17, 2026
SID: 2069976
et/open
ET MALWARE Observed RevStealer Domain (dash .scout-lens34 .xyz in TLS SNI)
Jun 17, 2026
SID: 2069975
et/open
ET MALWARE RevStealer CnC Domain in DNS Lookup (dash .scout-lens34 .xyz)
Jun 17, 2026
SID: 2069974
et/open
ET WEB_SPECIFIC_APPS Oracle PeopleSoft Integration Gateway PeopleSoftServiceListeningConnector XXE (CVE-2017-3548)
Jun 17, 2026
SID: 2069973
et/open
ET WEB_SPECIFIC_APPS Oracle PeopleSoft Integration Gateway HttpListeningConnector XXE (CVE-2013-3821)
Jun 17, 2026
SID: 2069972
et/open
ET EXPLOIT_KIT ClearFake Domain in TLS SNI (park-lake .com)
Jun 16, 2026
SID: 2069971
et/open
ET EXPLOIT_KIT ClearFake Domain in DNS Lookup (park-lake .com)
Jun 16, 2026
SID: 2069970
et/open
ET HUNTING Javascript Obfuscator Charcode+Hex Encoded Function Name
Jun 16, 2026
SID: 2069969
et/open
ET WEB_SPECIFIC_APPS Splunk Enterprise Server Information Disclosure via REST API (CVE-2018-11409)
Jun 16, 2026
SID: 2069968
et/open
ET WEB_SPECIFIC_APPS Splunk Enterprise Authentication REST API Authenticated Client-Side DoS (CVE-2026-20139)
Jun 16, 2026
SID: 2069967
et/open
ET WEB_SPECIFIC_APPS Jenkins Arbitrary File Read via Unsafe XStream Deserialization (CVE-2026-53435)
Jun 16, 2026
SID: 2069966
et/open
ET WEB_SPECIFIC_APPS Microsoft SharePoint Server Upload Page Folder Path Traversal (CVE-2026-45454)
Jun 16, 2026
SID: 2069965
et/open
ET EXPLOIT_KIT ZPHP Domain in TLS SNI (coralmanor .top)
Jun 16, 2026
SID: 2069964
et/open
ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (coralmanor .top)
Jun 16, 2026
SID: 2069963
et/open
ET EXPLOIT_KIT LandUpdate808 Domain in TLS SNI (treviro .icu)
Jun 16, 2026
SID: 2069962
et/open
ET EXPLOIT_KIT LandUpdate808 Domain in DNS Lookup (treviro .icu)
Jun 16, 2026
SID: 2069961
et/open
ET EXPLOIT Observed tdsshop Domain (dntds .shop in TLS SNI)
Jun 15, 2026
SID: 2069960
et/open
ET EXPLOIT Observed tdsshop Domain (nttdss .shop in TLS SNI)
Jun 15, 2026
SID: 2069959
et/open
ET EXPLOIT Observed tdsshop Domain (ntdnewtds .shop in TLS SNI)
Jun 15, 2026
SID: 2069958
et/open
ET EXPLOIT Observed tdsshop Domain (newtdsone .shop in TLS SNI)
Jun 15, 2026
SID: 2069957
et/open
ET EXPLOIT Observed tdsshop Domain (dnsnewtds .shop in TLS SNI)
Jun 15, 2026
SID: 2069956
et/open
ET EXPLOIT Observed tdsshop Domain (sdntds .shop in TLS SNI)
Jun 15, 2026
SID: 2069955
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (dntds .shop)
Jun 15, 2026
SID: 2069954
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (nttdss .shop)
Jun 15, 2026
SID: 2069953
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (ntdnewtds .shop)
Jun 15, 2026
SID: 2069952
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (newtdsone .shop)
Jun 15, 2026
SID: 2069951
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (dnsnewtds .shop)
Jun 15, 2026
SID: 2069950
et/open
ET EXPLOIT Observed DNS Query to tdsshop Domain (sdntds .shop)
Jun 15, 2026
SID: 2069949
et/open
ET EXPLOIT_KIT tdsshop Web Inject Payload Request
Jun 15, 2026