我的學習手記 A technical geek blog

Pages

Home
About
Reminder
Chatter
STEM
Links

Tuesday, April 2, 2024

Use Symantec Endpoint Protection to run the YARA rules to scan Linux servers for CVE-2024-3094

Use SEP to run the YARA rules to scan Linux servers for CVE-2024-3094

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/Using-policies-to-manage-security/preventing-and-handling-virus-and-spyware-attacks-v40739565-d49e172/scanning-the-SEP-client-computer-using-custom-YARA-rules.html

Yara rule for CVE-2024-3094

https://github.com/Neo23x0/signature-base/blob/master/yara/bkdr_xz_util_cve_2024_3094.yar

Reference:

https://www.kaspersky.com/blog/cve-2024-3094-vulnerability-backdoor/50873/

Print Friendly and PDF

Use Symantec Endpoint Protection to run the YARA rules to scan Linux servers for CVE-2024-3094

Posted by Billy Fung at 10:16 PM

Email This BlogThis! Share to Twitter Share to Facebook

Labels: cve-2024-3094, Linux, SEP, Symantec Endpoint Protection (SEP), YARA

No comments:

Post a Comment

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

Subscribe To

Posts

Posts

Comments

Comments

QR Code of this blog

About Me

Billy Fung

View my complete profile

Want to know more me?

Twitter

Follow @BillyFung2010

My Certification

Followers

Facebook Fan Page

我的學習手記 A technical geek blog

宣傳你的專頁

Popular Posts

How to stop file copy on a VMware ESXi 5.0 which is started by vSphere client

When you start a file copy on a VMware ESXi machine by using vSphere client, you will find that you cannot "stop” (Cancel this task) it...
廣東輸入法

http://sites.google.com/site/chineseinput http://sites.google.com/site/chineseinput/home
How to install Intel 82579LM onboard NIC (DELL Optiplex 790) driver to VMWare ESXi 4.1?

How to install Intel 82579LM onboard NIC (DELL Optiplex 790) driver to VMWare ESXi 4.1? 1. Go to download this two files http://www....
Using Windows XP in Windows 10 by using Hyper-V client

1. Use the Windows command prompt to enable the hyper-v client on Windows 10 At the Windows command prompt (using administrator credentials)...
Upgrade the ZTE Skate (V960) from 2.3.5 (Official ROM) to 4.0.4 ([ICS] [CM9] [4.0.4] ColdFusionX)

Previous ROM: ZTE 2.3.5 official (Rooted) The ClockworkMod Recovery r4-4.0.1.4-skate-clockworkmod have been installed. Step 1: Use the Tit...
Different between remove mirror and break the mirror in Windows Server 2008 R2

(For your reference only, I only try in a VM one time to do the “remove mirror” and “break mirror”). Remove mirror will also remove all t...
Running iTool without install iTunes

1. Download iTune from apple.com 2. Use 7zip to extract those msi file (like the following screen) from “iTunes64Setup.exe” 3. Install t...
install Windows Server 2008 R2 SP1 on DELL Optiplex 790

Install the driver in the following order: 1. SATA (Install.Net 3.5.1 before install the SATA driver -> Go to "Server Manager&quo...
Microsoft Baseline Security Analyzer 2.3 - offline scan operation guide

1. Download an up-to-date version of the wsusscn2.cab file from http://go.microsoft.com/fwlink/?linkid=76054 2. Download an up-to-date versi...
APC UPS Freeware and Freeware Alternatives to PowerChute

APC Freeware PowerChute Network Shutdown v 2.2.4 http://www.apc.com/products/resource/include/techspec_index.cfm?base_sku=SFPCNS...

Search This Blog

Translate

Blog Archive

▼ 2024 (66)
- ▼ April (10)
- ► March (13)
- ► February (40)
- ► January (3)

► 2023 (83)
- ► December (19)
- ► November (10)
- ► October (12)
- ► September (10)
- ► August (5)
- ► July (2)
- ► June (5)
- ► April (8)
- ► March (11)
- ► January (1)

► 2022 (66)
- ► December (5)
- ► September (6)
- ► August (5)
- ► July (7)
- ► June (15)
- ► May (2)
- ► April (7)
- ► March (3)
- ► February (16)

► 2019 (156)
- ► November (13)
- ► October (11)
- ► September (13)
- ► August (17)
- ► July (20)
- ► June (20)
- ► May (12)
- ► April (10)
- ► March (19)
- ► February (12)
- ► January (9)

► 2018 (233)
- ► December (29)
- ► November (16)
- ► October (19)
- ► September (14)
- ► August (26)
- ► July (13)
- ► June (15)
- ► May (20)
- ► April (21)
- ► March (16)
- ► February (15)
- ► January (29)

► 2017 (176)
- ► December (13)
- ► November (12)
- ► October (20)
- ► September (16)
- ► August (16)
- ► July (10)
- ► June (19)
- ► May (13)
- ► April (15)
- ► March (18)
- ► February (10)
- ► January (14)

► 2016 (89)
- ► December (5)
- ► November (13)
- ► October (5)
- ► September (10)
- ► August (9)
- ► July (5)
- ► June (22)
- ► May (6)
- ► April (2)
- ► March (7)
- ► January (5)

► 2015 (75)
- ► December (19)
- ► November (7)
- ► October (13)
- ► September (9)
- ► August (5)
- ► July (1)
- ► June (4)
- ► May (6)
- ► April (7)
- ► February (1)
- ► January (3)

► 2014 (37)
- ► October (2)
- ► September (3)
- ► July (6)
- ► June (11)
- ► May (14)
- ► February (1)

► 2013 (49)
- ► September (7)
- ► August (12)
- ► June (3)
- ► April (10)
- ► March (1)
- ► February (2)
- ► January (14)

► 2012 (67)
- ► December (10)
- ► November (16)
- ► October (6)
- ► September (5)
- ► July (3)
- ► June (2)
- ► May (4)
- ► April (1)
- ► March (1)
- ► February (3)
- ► January (16)

► 2011 (113)
- ► December (7)
- ► November (4)
- ► October (1)
- ► August (3)
- ► July (4)
- ► June (37)
- ► May (23)
- ► March (34)

► 2010 (347)
- ► December (43)
- ► October (33)
- ► September (6)
- ► August (14)
- ► July (46)
- ► June (84)
- ► May (19)
- ► April (15)
- ► March (47)
- ► February (40)

► 2009 (134)
- ► December (27)
- ► November (28)
- ► October (26)
- ► September (53)

Total Pageviews

Powered by Blogger.