spl/suricata/Bifrost-suricata-20250112.txt

alert ip 107.191.61.247 any -> any any (msg:"Suspicious Bifrost IP detected Entering Network: 107.191.61.247 (source) - APT Group: BlackTech"; sid:7744721591; rev:1;)
alert ip any any -> 107.191.61.247 any (msg:"Suspicious Bifrost IP detected Leaving Network: 107.191.61.247 (destination) - APT Group: BlackTech"; sid:7744721592; rev:1;)
	`alert ip 107.191.61.247 any -> any any (msg:"Suspicious Bifrost IP detected Entering Network: 107.191.61.247 (source) - APT Group: BlackTech"; sid:7744721591; rev:1;)`
	`alert ip any any -> 107.191.61.247 any (msg:"Suspicious Bifrost IP detected Leaving Network: 107.191.61.247 (destination) - APT Group: BlackTech"; sid:7744721592; rev:1;)`