[Emerging-Sigs] Interesting Lateral Movement Sigs (not mine)
jwilliams at emergingthreats.net
Wed Aug 7 07:12:59 HDT 2019
We'll take a look and reach out if there's anything we can do on these.
On Mon, Aug 5, 2019 at 5:21 AM Kevin Ross via Emerging-sigs <
emerging-sigs at lists.emergingthreats.net> wrote:
> I found these and they seem to work well
> https://github.com/MrAnde7son/Snort/blob/master/local.rules. It might be
> worth with necessary permission seeing if some can be adapted for ET
> Some already exist but there is things like WMI remote code execution,
> remote at jobs, registry etc. that would be great to have in standard
> ruleset if possible.
> Kind Regards,
> Emerging-sigs mailing list
> Emerging-sigs at lists.emergingthreats.net
> Support Emerging Threats! Subscribe to Emerging Threats Pro
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Emerging-sigs