Chapter 1: Current Security Hotspots
There are many topics that I want to talk about. Primarily, starting with the lack of actual knowledge sharing in the infosec community. But before we delve into it and others, I need to share more on the actual IOCs in the wild…
Supernova Detection
Yara rules to detect SuperNova .net web shell backdoor rule APT_Webshell_SUPERNOVA_1{meta:author = “FireEye”description = “SUPERNOVA is a .NET web shell backdoor masquerading as a legitimate SolarWinds web service handler. SUPERNOVA inspects and responds to HTTP requests with the appropriate HTTP query strings, Cookies, and/or HTML form values (e.g. named codes, class, method, and args). This…
Follow My Blog
Get new content delivered directly to your inbox.