Rule History

SID: 903202396 • Source: abuse.ch/sslbl-blacklist

Versions (3)

Version Details (Current)

Rev: 1 • Jun 25, 2025, 11:40 AM

SSLBL: Malicious SSL certificate detected (JBifrost C&C)

alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (JBifrost C&C)"; tls_cert_fingerprint; content:"bb:d4:38:0b:ab:66:8d:9a:7f:92:59:b4:4f:fc:5c:93:b9:91:e9:9e"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/bbd4380bab668d9a7f9259b44ffc5c93b991e99e/; sid:903202396; rev:1;)

Jun 25, 2025, 11:40 AM

Jul 17, 2025, 2:34 PM

sslblacklist_tls_cert.rules