Jeff Tong in wind010.hashnode.dev · Jun 15 · 8 min read
Malware Detection
What is YARA? How do we detect if a system is infected? Typically, cybersecurity defenders use YARA rules for malware detection. YARA is the engine that runs these rules. The modern engine is YARA-X w

Netomize Official Blog in blog.netomize.ca · Apr 24 · 7 min read
Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module
Introduction: Splunk published a blog post about a variant of the Gh0stRat malware family used in a new campaign delivered alongside the CloverPlus adware. The blog post is titled "Not Just Annoying Ad

Netomize Official Blog in blog.netomize.ca · Mar 23 · 6 min read
Detect SnappyClient C&C Traffic Using PacketSmith + Yara-X Detection Module
Introduction: Zscaler published a blog post about a new malware called SnappyClient, written in the C++ programming language. The malware communicates with its C&C server using a custom binary protocol

Netomize Official Blog in blog.netomize.ca · Feb 12 · 3 min read
How to Detect EternalBlue Exploitation
Introduction: On February 05, 2026, we released version 5 of PacketSmith, featuring a new detection module that seamlessly integrates Yara-X with most of the protocols supported by PacketSmith. To demo