da_667 · @da_667
3107 followers · 195 posts · Server infosec.exchangeInterestingly enough, the second bot, GoTrim uses a very unique user-agent for doing external IP address checks against a number of "what's my IP address" services, with a very unique user-agent: go-external-ip
We already have a rule for that -- 2030468 go-external-ip library User-Agent
#Malware #Ransomware #ThreatIntel #iocs #iocexchange #Snort #Suricata #NSM #ThreatHunting #GoTrim #CIARansomware
#malware #ransomware #threatintel #iocs #iocexchange #snort #suricata #nsm #threathunting #gotrim #ciaransomware
Unperson ❌ · @Unperson
42 followers · 144 posts · Server ioc.exchangeBig thanks to @seb and those moderating here on #IocExchange for the hosting. I appreciate it greatly. ❤️
#iocexchange #mastodon #instance