These rules are provided freely to the community without warranty. We provide zero guarantees with these free best effort rules and these do not reflect the same process we follow for paying customers.
In this GitHub repository you will find rules in multiple languages:
- Snort
- Yara
As well as a listing of known filehashes, filenames, and Mitre ATT&CK techniques used by the attacker. For additional information and context please review our blog at: https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html