Potentially Suspicious Malware Callback Communication - Linux

Rule Info

Name
Potentially Suspicious Malware Callback Communication - Linux
Author
hasselj
Description
Detects programs that connect to known malware callback ports based on threat intelligence reports.
Date
2024-05-10 00:00:00
Modified
None
Id
dbfc7c98-04ab-4ab7-aa94-c74d22aa7376
Tags
attack.persistence attack.command-and-control attack.t1571
Type
Community Rule

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
Joe
Merge PR #4822 from @hasselj - Add `Potentially Suspicious Malware Callback Communication - Linux`
2024-05-10