Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 25, 2025, 11:40 AMSSLBL: Malicious SSL certificate detected (Latrodectus C&C)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Latrodectus C&C)"; tls_cert_fingerprint; content:"d9:b5:8c:37:4f:81:30:5f:b5:b5:45:b6:f9:a9:3b:99:bb:81:07:0a"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/d9b58c374f81305fb5b545b6f9a93b99bb81070a/; sid:903205632; rev:1;)
Jun 25, 2025, 11:40 AM
Jun 25, 2025, 11:40 AM
Jul 17, 2025, 2:34 PM
Jul 17, 2025, 2:34 PM
sslblacklist_tls_cert.rules