

"SRI Release a Complete Reverse Engineering of the Conficker C P2P Service."
September 2009.


Our Latest Threat Intelligence

The data on this website is supplied as is, without warranty of any kind. You may NOT redistribute this data. Use or reliance on this data is at your own risk. (If you REALLY REALLY must redistribute our stuff or get access to the live backend data, binaries, and traces, then click HERE.)


Most Effective Malware-Related Snort Signatures

Fri Nov 20 08:49:53 2009

detects = 30-day signature detection rates based on exposure to 4129 malware infections

detects | sidrev       | author           | phase           | description
57%     | 299913:1     | snort            | inbound exploit | shellcode x86 0x90 unicode noop
42%     | 5001684:99   | bothunter        | egg download    | bothunter malware windows executable (p...
42%     | 2001683:3    | emerging threats | egg download    | bleeding-edge malware windows executabl...
37%     | 52123:3      | snort            | outbound scan   | registered free attack-responses micros...
30%     | 3001441:1    | snort            | egg download    | tftp get .exe from external source
30%     | 1444:3       | snort            | egg download    | tftp get from external source
30%     | 2008120:1    | emerging threats | egg download    | policy outbound tftp read request
28%     | 22466:7      | snort            | inbound exploit | netbios smb-ds ipc$ unicode share access
19%     | 292000032:99 | bothunter        | inbound exploit | bothunter exploit lsa exploit
18%     | 22000032:6   | emerging threats | inbound exploit | bleeding-edge exploit lsa exploit
