Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/swisscom/detections
Threat intelligence and threat detection indicators (IOC, IOA)
detection indicators indicators-of-compromise threat-detection
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/swisscom/detections
- Owner: swisscom
- Archived: true
- Created: 2020-10-29T10:55:59.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2020-11-27T15:14:53.000Z (almost 4 years ago)
- Last Synced: 2024-03-20T07:35:18.828Z (8 months ago)
- Topics: detection, indicators, indicators-of-compromise, threat-detection
- Language: YARA
- Homepage:
- Size: 1.47 MB
- Stars: 51
- Watchers: 26
- Forks: 11
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-iocs - swisscom/detections - This repo contains threat intelligence information and threat detection indicators (IOC, IOA) shared by Swisscom CSIRT. (IOCs / Indicators)
README
# Threat intelligence and threat detections
This repo contains threat intelligence information and threat detection indicators (IOC, IOA) shared by [Swisscom CSIRT](https://twitter.com/swisscom_csirt).
| Content | Indicators | Communication |
| :--- | :--- | :--- |
| Ryuk Cobalt Strike C2s | [cobaltstrike_c2s.txt](https://github.com/swisscom/detections/blob/main/RYUK/cobaltstrike_c2s.txt), [ryuk.yar](https://github.com/swisscom/detections/blob/main/RYUK/ryuk.yar) | [Tweet](https://twitter.com/swisscom_csirt/status/1321777140992516096) |
| Trickbot Network Activity | [Suricata Rule](https://github.com/swisscom/detections/blob/main/TRICKBOT/trickbot.rules), [trickbot-exfil.pcap](https://github.com/swisscom/detections/blob/main/TRICKBOT/trickbot-exfil.pcap) | [Tweet](https://twitter.com/swisscom_csirt/status/1332339058912206850) |