Quick reminder: you can activate the full YARA-Forge rule sets in our free products THOR Lite and THOR Cloud Lite Use the options shown below to select or download the rule package: In THOR Cloud Lite: select Yara Forge → core under Global Settings In THOR Lite: run ./thor-lite-util yara-forge download --ruleset core This enables the full YARA Forge rule set curated from Signature-Base, YARA-Forge, and other sources. Blog: nextron-systems.com/2025/04/…
Florian Roth ⚡️
 @cyb3rops
Nov 4
The SLAYSTYLE web shells (aka BEEFLUSH) from Mandiant’s report on BRICKSTORM (UNC5221, China-nexus) just surfaced on VirusTotal If you’re already using the rules from Signature-Base or YARA-Forge, you’re covered 0 AV detection rate Report cloud.google.com/blog/topics… Sample virustotal.com/gui/file/92fb…

Nov 4, 2025 · 4:08 PM UTC

3
14
80
Replying to @cyb3rops
If you’re running THOR Lite or THOR Cloud Lite, pull the full YARA-Forge rule set. In Cloud Lite → Global Settings → Yara Forge → core In THOR Lite: ./thor-lite-util yara-forge download --ruleset core Real hunters don’t whine about false positives. We tune. We feed the beast. #DFIR #ThreatIntel #YARA
3
GIVEAWAY! Win Pokémon Trainers Paldea Eevee Backpack! How to Enter: - Follow us - Share this post - Tag 3 friends in the comments - Important Notice: To claim your prize, please contact us directly We never send DMs to announce winners or ask for personal info.
1
1
10
Replying to @cyb3rops
Catching threats just got a gym upgrade! YARA-Forge in THOR Lite makes SOC life smoother. Thanks for laying it out so clearly 💪 Ready to put it into action!
2
Replying to @cyb3rops
Thank you for the tip Sir !
Load more