45e5b2f699a4d8f2d59ec3fc79a2e3c99db71882

Yara Rule - 2024 년에 생성 된 의심스러운 ScreenConnect 사용자를 감지하지만 로그인 없이는 Connectwise ScreenConnect (23.9.8 이전 버전) 취약점의 악용 징후가 될 수 있습니다. 관련 IOC 3개 발견

Yara 정의.

Neo23x0
Yara Rule - Detects suspicious ScreenConnect user created in 2024 but without any login, which could be a sign of exploitation of the ConnectWise ScreenConnect (versions prior to 23.9.8) vulnerability that allows an Authentication Bypass

Yara definition.
https://github.com/Neo23x0/signature-base/commit/8e14358f45d9d231d80ff751f1fadc4d19e5bed4