Network Content Inspection Rules

Rule ID | Rule Description | Confidence Level | DDI Default Rule | Network Content Inspection Pattern Release Date
DDI RULE 2872 XWO - Backdoor - HTTP (Request)
HIGH
2019/04/11
DDI RULE 2874 ZEROSHELL RCE EXPLOIT - HTTP (Request)
HIGH
2019/04/11
DDI RULE 2871 Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request)
HIGH
2019/04/10
DDI RULE 2869 CANITMUP - HTTP (Request)
HIGH
2019/04/10
DDI RULE 2873 THINKPHP SQL INJECT Exploit - HTTP (Request)
HIGH
2019/04/10
DDI RULE 1184 Directory Traversal Exploit Attempted - Messagebody - HTTP (Request)
LOW
2019/04/10
DDI RULE 1645 Possible Self-Signed SSL certificate detected
MEDIUM
2019/04/09
DDI RULE 2526 NECURS - HTTP (Request) - Variant 2
HIGH
2019/04/09
DDI RULE 2870 IPCAMERA - EXPLOIT - RCE - HTTP (Request)
HIGH
2019/04/09
DDI RULE 2867 BELKIN Router - HTTP (Request) - Variant 2
HIGH
2019/04/09
DDI RULE 2868 ZTE Router - HTTP (Request) - Variant 2
HIGH
2019/04/09
DDI RULE 2865 CVE-2018-17173 LG Supersign Remote Code Execution - HTTP (Request)
HIGH
2019/04/08
DDI RULE 2866 MICASAVERDE VERALITE - Remote Code Execution - HTTP (Request)
HIGH
2019/04/08
DDI RULE 2863 PHP DASHBOARD SQLINJECT - HTTP (Request)
HIGH
2019/04/03
DDI RULE 2864 CVE-2018-1149 NUUO NVRMini2 BufferOverflow - HTTP (Request)
HIGH
2019/04/03
DDI RULE 2860 Belking Wemo UPnP RCE Exploit - HTTP (Request)
HIGH
2019/04/02
DDI RULE 2858 CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request)
HIGH
2019/04/01
DDI RULE 2859 Possible SPELEVO - Exploit Kit -HTTP (Response)
HIGH
2019/03/28
DDI RULE 2862 MARSATORMIN - HTTP (Request)
HIGH
2019/03/28
DDI RULE 2856 DLINK Command Injection Exploit - HTTP (Request) - Variant 3
HIGH
2019/03/28
DDI RULE 2853 NETGEAR DGN2200v1/v2/v3/v4 - CVE-2017-6334 - Remote Code Execution - HTTP (Request)
LOW
2019/03/27
DDI RULE 2854 LINKSYS_WRT110 - CVE-2013-3568 - Remote Code Execution - HTTP (Request)
LOW
2019/03/27
DDI RULE 2840 NETCOMMWIRELESS - CVE-2015-6023 - CVE-2015-6024 - Remote Code Execution - HTTP (Request)
LOW
2019/03/27
DDI RULE 2839 ZTE F460 F660 - Remote Code Execution - HTTP (Request)
HIGH
2019/03/26
DDI RULE 2855 Netgear Prosafe RCE Exploit - HTTP (Request)
HIGH
2019/03/26
DDI RULE 2857 DLINK 930L RCE EXPLOIT - HTTP (Request)
HIGH
2019/03/26
DDI RULE 2828 Zyxel - Remote Code Execution - HTTP (Request)
HIGH
2019/03/26
DDI RULE 2829 Zyxel - Command Injection - HTTP (Request)
HIGH
2019/03/20
DDI RULE 2830 Billion-5200W-T - Command Injection - HTTP (Request)
HIGH
2019/03/20
DDI RULE 2831 Billion 5200W-T - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2019/03/20
DDI RULE 2841 3COM - Remote Code Execution - HTTP (Request)
HIGH
2019/03/20
DDI RULE 2852 DOC File downloaded in root directory - HTTP (Response)
HIGH
2019/03/20
DDI RULE 1631 Remote Schedule Tasks through SMB protocol detected - Create Command
LOW
2019/03/20
DDI RULE 1632 Remote Schedule Tasks through SMB protocol detected - Run Command
LOW
2019/03/20
DDI RULE 1633 Remote Schedule Tasks through SMB protocol detected - Delete Command
LOW
2019/03/20
DDI RULE 1763 STRPADT - HTTP (Request)
HIGH
2019/03/19
DDI RULE 2849 CVE-2019-9194-HTTP RCE - ELFINDER (Request)
HIGH
2019/03/19
DDI RULE 2850 CHWRITER - HTTP (Request)
HIGH
2019/03/19
DDI RULE 2851 MAKO WEB SERVER - Command Injection - HTTP (Request)
HIGH
2019/03/19
DDI RULE 2710 FLAWEDAMMYY - TCP (Request)
HIGH
2019/03/18
DDI RULE 2400 Remote Enumerate Registry through SMB protocol detected
LOW
2019/03/18
DDI RULE 2401 Remote Read Registry through SMB protocol detected
LOW
2019/03/18
DDI RULE 2415 Remote Delete Registry through SMB protocol detected
LOW
2019/03/18
DDI RULE 2068 DRIDEX - SSL (Request)
HIGH
2019/03/13
DDI RULE 2848 INFOSTEAL - HTTP (Request) - Variant 4
HIGH
2019/03/13
DDI RULE 2834 CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request)
HIGH
2019/03/12
DDI RULE 2780 TRICKBOT - HTTP (Request)
HIGH
2019/03/12
DDI RULE 2847 INFOSTEAL - FTP (Request)
HIGH
2019/03/11
DDI RULE 2844 RIG - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2019/03/11
DDI RULE 1196 Remote Delete Job through SMB Detected
MEDIUM
2019/03/11
DDI RULE 1535 ZACOM - HTTP (Request)
HIGH
2019/03/11
DDI RULE 2408 Remote Enumerate Job through SMB protocol detected
LOW
2019/03/11
DDI RULE 2348 CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)
HIGH
2019/03/11
DDI RULE 2845 Possible PDF in Chrome Information Disclosure - HTTP (Request)
MEDIUM
2019/03/07
DDI RULE 2826 JBOSS Webshell - HTTP (Request)
HIGH
2019/03/06
DDI RULE 2819 FASTGATE - Command Injection - HTTP (Request)
HIGH
2019/03/06
DDI RULE 2836 CVE-2017-0171 - Denial of Service - DNS (Response)
MEDIUM
2019/03/05
DDI RULE 2837 CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)
MEDIUM
2019/03/05
DDI RULE 2814 JOOMLA - HTTP (Request)
HIGH
2019/03/05
DDI RULE 2842 CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request)
HIGH
2019/03/05
DDI RULE 2843 ZHONE XSS Exploit - HTTP (Request)
HIGH
2019/03/05
DDI RULE 2791 EMPIRE - HTTP (Request) - Variant 2
MEDIUM
2019/03/05
DDI RULE 2811 CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request)
HIGH
2019/03/04
DDI RULE 2806 CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2838 SPEAKUP - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2835 CVE-2016-3088 ACTIVEMQ - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2833 CVE-2019-6340 Drupal 8 RESTful Web Services Remote Code Execution - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2820 Hootoo HT5 Remote code Execution - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2816 PHP DIESCAN - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2825 CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request)
HIGH
2019/03/04
DDI RULE 2823 CKNIFE - HTTP (Request) - Variant 2
HIGH
2019/02/21
DDI RULE 2824 CVE-2015-2280 AirLink OS Command Injection - HTTP (Request)
HIGH
2019/02/21
DDI RULE 2822 RATBLAMIK - TCP (Request)
HIGH
2019/02/20
DDI RULE 2821 NEUTRINO - HTTP (Response)
MEDIUM
2019/02/19
DDI RULE 2385 SOAP RCE EXPLOIT - HTTP (Request)
HIGH
2019/02/14
DDI RULE 2224 Covert Iodine tunnel - DNS (Request)
LOW
2019/02/12
DDI RULE 2800 Possible Scan of Outstation - DNP3 (Response) Beta
LOW
2019/02/11
DDI RULE 2801 Multiple Unsolicited Response - DNP3 (Response) Beta
LOW
2019/02/11
DDI RULE 2795 Unauthorized Write Request - DNP3 (Request)
LOW
2019/02/11
DDI RULE 2796 Unauthorized Broadcast Request - DNP3 (Request)
LOW
2019/02/11
DDI RULE 2797 Possible Denial of Service - DNP3 (Request)
LOW
2019/02/11
DDI RULE 2798 Unauthorized Read Request - DNP3 (Request)
LOW
2019/02/11
DDI RULE 2799 Possible Scan of Points List - DNP3 (Response) Beta
LOW
2019/02/11
DDI RULE 2807 TEAMFOSTEALER - HTTP (Request)
HIGH
2019/02/07
DDI RULE 2812 CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Request)
MEDIUM
2019/02/07
DDI RULE 2813 CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Response)
HIGH
2019/02/07
DDI RULE 2810 CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request)
MEDIUM
2019/02/07
DDI RULE 1562 DARKHOLE - HTTP (Request) - Variant 2
HIGH
2019/02/06
DDI RULE 2209 NEUTRINO - Exploit Kit - HTTP (Request) - Variant 5
MEDIUM
2019/02/06
DDI RULE 2817 KEYPATH Command Injection - HTTP (Request)
HIGH
2019/02/05
DDI RULE 2818 SERVHELPER - HTTP (Request)
HIGH
2019/02/05
DDI RULE 2815 SIEREN - TCP(Request)
HIGH
2019/01/31
DDI RULE 2306 KVNDM - HTTP (Request)
HIGH
2019/01/30
DDI RULE 2808 FALLOUT - Exploit Kit - HTTP (Response) - Variant 3
MEDIUM
2019/01/29
DDI RULE 2802 Oracle Weblogic Exploit - HTTP (Request)
HIGH
2019/01/23
DDI RULE 2803 Link-Net LW-N605R Remote Code Execution Exploit - HTTP (Request)
HIGH
2019/01/23
DDI RULE 2804 Possible Router Exploit Kit - HTTP (Response)
HIGH
2019/01/23
DDI RULE 2805 CVE-2019-0547 Client Remote Code Execution Exploit - DHCP (Response)
MEDIUM
2019/01/23
DDI RULE 1871 DRIDEX - HTTP (Request) - Variant 3
HIGH
2019/01/23
DDI RULE 2143 SQLINJECT - HTTP (Request)
LOW
2019/01/22
DDI RULE 2793 APT - WINNTI - HTTP (Response)
HIGH
2019/01/21
DDI RULE 2794 RIG - Exploit Kit - HTTP (Request) - Variant 7
HIGH
2019/01/17
DDI RULE 2520 MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4
HIGH
2019/01/17
DDI RULE 1549 APT - WINNTI - HTTP (Request)
HIGH
2019/01/14
DDI RULE 2792 APT - KONNI - HTTP (Request)
HIGH
2019/01/09
DDI RULE 2144 NEUTRINO - Exploit Kit - HTTP (Request) - Variant 3
MEDIUM
2019/01/03
DDI RULE 2132 NEUTRINO - Exploit Kit - HTTP (Request) - Variant 2
MEDIUM
2019/01/03
DDI RULE 2789 CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response)
MEDIUM
2018/12/27
DDI RULE 2790 APT - WILDPOSITRON - HTTP (Request)
HIGH
2018/12/26
DDI RULE 1229 ALINA HTTP request - Variant 1
HIGH
2018/12/26
DDI RULE 2786 ThinkPHP 5x Remote Code Execution - HTTP (Request)
HIGH
2018/12/24
DDI RULE 2787 CRISISHT - HTTP (Request)
MEDIUM
2018/12/20
DDI RULE 2788 CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request)
MEDIUM
2018/12/20
DDI RULE 2784 Ncrack/Hydra Brute Force Tool - RDP(Request)
HIGH
2018/12/19
DDI RULE 2785 L0RDIX - HTTP (Request)
MEDIUM
2018/12/18
DDI RULE 2397 STONEDRILL - HTTP (Request) - Variant 2
HIGH
2018/12/18
DDI RULE 2779 DNSpoinage DNS - (Response)
HIGH
2018/12/12
DDI RULE 2782 TILDEB - TCP (Request)
MEDIUM
2018/12/11
DDI RULE 2081 CRYPTEAR - Ransomware - HTTP (Request)
HIGH
2018/12/11
DDI RULE 1214 BAYROB - HTTP (Request)
MEDIUM
2018/11/28
DDI RULE 2731 KAIXIN - Exploit Kit - HTTP (Response) - Variant 5
HIGH
2018/11/22
DDI RULE 2775 DOCKER API - HTTP (Request)
HIGH
2018/11/21
DDI RULE 2776 Possible XML External Entity Attack - HTTP (Response)
MEDIUM
2018/11/21
DDI RULE 2777 Apache Struts File Upload - HTTP (Request)
HIGH
2018/11/21
DDI RULE 2778 ZTE ZXV10 Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/11/21
DDI RULE 2621 Remote Code Execution - HTTP (Request)
HIGH
2018/11/21
DDI RULE 2639 CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)
HIGH
2018/11/21
DDI RULE 2771 APT - POISONIVY - HTTP (Request)
HIGH
2018/11/20
DDI RULE 2772 APT - GHOST - TCP (Request)
HIGH
2018/11/20
DDI RULE 2774 APT - POWLOADR - HTTP (Request)
HIGH
2018/11/20
DDI RULE 2713 AVTECH Command Injection Exploit - HTTP (Request)
HIGH
2018/11/20
DDI RULE 2474 APT - PLEAD - TCP (Request)
HIGH
2018/11/20
DDI RULE 2494 APT - ANEL - HTTP (Request)
HIGH
2018/11/20
DDI RULE 2716 BINBASH Download - HTTP (Response)
HIGH
2018/11/12
DDI RULE 2765 GZ Inflate in PHP File - HTTP (Response)
LOW
2018/11/12
DDI RULE 2766 Possible WINBOX Remote Code Execution - TCP
MEDIUM
2018/11/12
DDI RULE 2767 Window Shell Remote Code Execution - HTTP (Response)
HIGH
2018/11/12
DDI RULE 2768 DLINK Router Dns Changer Exploit - HTTP (Request)
HIGH
2018/11/12
DDI RULE 277 AUTORUN - HTTP (Response) - Variant 2
HIGH
2018/11/12
DDI RULE 2770 Possible CVE-2018-8533 SQL XML Information Disclosure - HTTP (Request)
MEDIUM
2018/11/12
DDI RULE 2764 Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response)
MEDIUM
2018/11/08
DDI RULE 2763 Possible CVE-2018-15454 - Cisco ASA and FTD Software DOS - UDP (Response)
LOW
2018/11/07
DDI RULE 2762 CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request)
HIGH
2018/11/06
DDI RULE 2756 Possible ADWIND - Malicious Certificate - HTTPS (Response)
LOW
2018/11/06
DDI RULE 2007 URSNIF - HTTP (Request) - Variant 3
HIGH
2018/11/06
DDI RULE 2547 NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request)
HIGH
2018/10/31
DDI RULE 2759 UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2018/10/30
DDI RULE 2760 DRIDEX - Malicious certificate - SSL - Variant 2
HIGH
2018/10/30
DDI RULE 2761 URSNIF - HTTP (Request) - Variant 6
HIGH
2018/10/30
DDI RULE 2632 GRAVITYRAT - HTTP (Request)
HIGH
2018/10/29
DDI RULE 1170 ANDROMEDA - HTTP (Request)
HIGH
2018/10/25
DDI RULE 2757 ELF File requested from root directory - HTTP (Response)
HIGH
2018/10/22
DDI RULE 2758 GZ File requested from root directory - HTTP (Request)
HIGH
2018/10/22
DDI RULE 2724 CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response)
MEDIUM
2018/10/08
DDI RULE 2726 CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request)
HIGH
2018/10/04
DDI RULE 2754 EnGenius EnShare Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03
DDI RULE 2755 CVE-2017-6884 Zyxel OS Command Injection Exploit - HTTP (Request)
MEDIUM
2018/10/03
DDI RULE 2692 LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03
DDI RULE 2600 CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request)
HIGH
2018/10/03
DDI RULE 2544 JAWS Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03
DDI RULE 2723 MAGNITUDE - Exploit Kit - HTTP (Response)
HIGH
2018/10/02
DDI RULE 2753 FALLOUT - Exploit Kit - HTTP (Request)
MEDIUM
2018/10/01
DDI RULE 2623 Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/10/01
DDI RULE 2736 ANTAK Webshell - HTTP (Request)
MEDIUM
2018/09/27
DDI RULE 2749 Possible IE Exploit - HTTP (Response) - Variant 4
LOW
2018/09/27
DDI RULE 2750 CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/27
DDI RULE 2751 Remote Command Shell - TCP
HIGH
2018/09/27
DDI RULE 2752 Remote PowerShell - TCP
HIGH
2018/09/27
DDI RULE 2728 NUUO Command Injection - HTTP (Request)
HIGH
2018/09/17
DDI RULE 2746 BLUEBANANA - TCP (Request)
HIGH
2018/09/13
DDI RULE 2747 IE Exploit - HTTP (Response)
HIGH
2018/09/13
DDI RULE 2748 Possible IE Exploit - HTTP (Response) - Variant 3
LOW
2018/09/13
DDI RULE 2745 CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/12
DDI RULE 2732 CVE-2009-3103 - Remote Code Execution - SMB2
HIGH
2018/09/04
DDI RULE 2167 ALFA - Ransomware - HTTP (Request)
HIGH
2018/09/04
DDI RULE 2714 KAIXIN - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2018/09/03
DDI RULE 2730 OMRON FINS TCP Read Controller Attempt NSE - TCP (Request)
LOW
2018/08/30
DDI RULE 475 PALEVO - UDP - Variant 2
MEDIUM
2018/08/30
DDI RULE 2729 Possible IE Exploit - HTTP (Response) - Variant 2
LOW
2018/08/29
DDI RULE 1128 BANLOAD - HTTP (Request)
HIGH
2018/08/29
DDI RULE 1155 BITCOIN - HTTP (Request)
HIGH
2018/08/29
DDI RULE 1663 CRAZYK - HTTP (Request)
HIGH
2018/08/29
DDI RULE 2005 Possible EDELLROOT certificate detected
HIGH
2018/08/29
DDI RULE 2011 UPATRE - HTTP (Request) - Variant 3
HIGH
2018/08/29
DDI RULE 2413 TRICKBOT - HTTP (Request)
HIGH
2018/08/29
DDI RULE 2416 DETOXCRYPTO - Ransomware - HTTP (Request)
HIGH
2018/08/29
DDI RULE 2711 UNDERMINER - Exploit Kit - HTTP (Response)
HIGH
2018/08/22
DDI RULE 2725 Reverse Meterpreter - HTTP (Response)
HIGH
2018/08/22
DDI RULE 2698 APT - WATERHOLE - HTTP (Request) - Variant 2
HIGH
2018/08/22
DDI RULE 2672 CKNIFE - HTTP (Request)
HIGH
2018/08/22
DDI RULE 2676 PHP Webshell - HTTP (Request) - Variant 2
HIGH
2018/08/20
DDI RULE 2690 JSPSPY Webshell - HTTP (Request)
HIGH
2018/08/20
DDI RULE 2720 CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request)
MEDIUM
2018/08/13
DDI RULE 2719 WebScript Injection - HTTP (Request)
MEDIUM
2018/08/13
DDI RULE 1552 APT - HAVEX - HTTP (Request)
HIGH
2018/08/13
DDI RULE 1347 APT - Possible SIMBOT - HTTP (Request) - Variant 3
MEDIUM
2018/08/13
DDI RULE 1415 APT - Possible POISONIVY - TCP (Request)
MEDIUM
2018/08/13
DDI RULE 1577 APT - PLUGX - HTTP (Request) - Variant 6
HIGH
2018/08/13
DDI RULE 1583 APT - HCOREPWSTL - HTTP (Request)
HIGH
2018/08/13
DDI RULE 272 AUTORUN - HTTP (Request) - Variant 6
HIGH
2018/08/09
DDI RULE 2717 KAIXIN - Exploit Kit - HTTP (Request) - Variant 3
HIGH
2018/08/09
DDI RULE 2718 S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request)
LOW
2018/08/09
DDI RULE 2715 MINER CONFIG - HTTP (Response)
HIGH
2018/08/07
DDI RULE 2384 Possible EQUATED - Remote Code Execution - SMB (Request)
LOW
2018/08/07
DDI RULE 2390 EQUATED - SMB (Response)
HIGH
2018/08/07
DDI RULE 2429 EQUATED - Exploit Attempt - SMB (Response)
HIGH
2018/08/07
DDI RULE 1087 APT - FASWIK - TCP (Request)
HIGH
2018/08/06
DDI RULE 1069 APT - Possible GHOSTRAT - TCP
MEDIUM
2018/08/06
DDI RULE 1257 APT - CRIDEX - HTTP (Request) - Variant 3
HIGH
2018/08/06
DDI RULE 1300 APT - FARFLI - HTTP (Request)
HIGH
2018/08/06
DDI RULE 1303 APT - Possible BLYPT - HTTP (Request)
MEDIUM
2018/08/06
DDI RULE 2709 CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response)
HIGH
2018/07/30
DDI RULE 2704 Web Security Testing Tool - HTTP (Request) - Variant 2
HIGH
2018/07/26
DDI RULE 2705 Android Debug Bridge Remote Code Execution - TCP (Request)
HIGH
2018/07/26
DDI RULE 2706 OSTAP - HTTP (Request)
HIGH
2018/07/26
DDI RULE 2707 DLINK Command Injection Exploit - HTTP (Request) - Variant 2
HIGH
2018/07/26
DDI RULE 2708 SENDOOREOF - UDP (Request)
HIGH
2018/07/26
DDI RULE 2629 Possible WEBLOGIC T3 RCE Exploit - TCP (Request)
MEDIUM
2018/07/26
DDI RULE 2626 CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request)
HIGH
2018/07/25
DDI RULE 2702 Host Discovery - UDP (Request)
LOW
2018/07/24
DDI RULE 1242 APT - XTREME - HTTP (Request)
HIGH
2018/07/24
DDI RULE 1245 APT - TROJAN TCP Request
HIGH
2018/07/24
DDI RULE 1174 APT - MALEX - HTTP (Request)
HIGH
2018/07/24
DDI RULE 1021 APT - Possible POISONIVY - TCP (Response) - Variant 2
MEDIUM
2018/07/24
DDI RULE 2701 Possible EMOTET - HTTP (Response) - Variant 3
HIGH
2018/07/18
DDI RULE 2666 CVE-2017-7529 NGINX Integer Overflow Exploit Attempt HTTP (Request)
MEDIUM
2018/07/18
DDI RULE 2700 Possible WEBSHELL - HTTP (Request)
HIGH
2018/07/17
DDI RULE 2699 CVE-2016-10134 - Zabbix SQL Injection - HTTP (Request)
MEDIUM
2018/07/17DDI RULE 2699/vinfo/cn/threat-encyclopedia/network/ddi-rule-2699
DDI RULE 2584 POSGERAT Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 2584/vinfo/cn/threat-encyclopedia/network/ddi-rule-2584
DDI RULE 1885 Possible Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 1885/vinfo/cn/threat-encyclopedia/network/ddi-rule-1885
DDI RULE 1618 CVE-2014-6271 - Shellshock HTTP Request
HIGH
2018/07/16DDI RULE 1618/vinfo/cn/threat-encyclopedia/network/ddi-rule-1618
DDI RULE 1078 Possible TOR node certificate detected
MEDIUM
2018/07/11DDI RULE 1078/vinfo/cn/threat-encyclopedia/network/ddi-rule-1078
DDI RULE 2694 CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2694/vinfo/cn/threat-encyclopedia/network/ddi-rule-2694
DDI RULE 2695 CVE-2018-3606 TMCM SQL Injection Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2695/vinfo/cn/threat-encyclopedia/network/ddi-rule-2695
DDI RULE 2696 CVE-2018-0296 CISCO ASA Path Traversal Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2696/vinfo/cn/threat-encyclopedia/network/ddi-rule-2696
DDI RULE 2697 NUKESPED - TCP (Response) - Variant 2
MEDIUM
2018/07/11DDI RULE 2697/vinfo/cn/threat-encyclopedia/network/ddi-rule-2697
DDI RULE 2693 CVE-2015-5254 - ActiveMQ Deserialization Vulnerability
HIGH
2018/07/10DDI RULE 2693/vinfo/cn/threat-encyclopedia/network/ddi-rule-2693
DDI RULE 2689 CVE-2016-4438 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/07/03DDI RULE 2689/vinfo/cn/threat-encyclopedia/network/ddi-rule-2689
DDI RULE 1886 Data Exfiltration - DNS (Response)
LOW
2018/07/03DDI RULE 1886/vinfo/cn/threat-encyclopedia/network/ddi-rule-1886
DDI RULE 2349 Possible MIRAI - TCP (Request)
HIGH
2018/07/03DDI RULE 2349/vinfo/cn/threat-encyclopedia/network/ddi-rule-2349
DDI RULE 2529 APT - TURLA - HTTP (Request)
HIGH
2018/06/28DDI RULE 2529/vinfo/cn/threat-encyclopedia/network/ddi-rule-2529
DDI RULE 253 RUSTOCK - HTTP (Request) - Variant 2
HIGH
2018/06/28DDI RULE 253/vinfo/cn/threat-encyclopedia/network/ddi-rule-253
DDI RULE 2507 Unauthorized TESTFR IEC-104 Request
HIGH
2018/06/28DDI RULE 2507/vinfo/cn/threat-encyclopedia/network/ddi-rule-2507
DDI RULE 2508 Unauthorized STARTDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2508/vinfo/cn/threat-encyclopedia/network/ddi-rule-2508
DDI RULE 2509 Unauthorized STOPDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2509/vinfo/cn/threat-encyclopedia/network/ddi-rule-2509
DDI RULE 2510 Non-IEC-104 Communication Request
HIGH
2018/06/28DDI RULE 2510/vinfo/cn/threat-encyclopedia/network/ddi-rule-2510
DDI RULE 2687 CVE-2018-7602 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/06/28DDI RULE 2687/vinfo/cn/threat-encyclopedia/network/ddi-rule-2687
DDI RULE 2685 Possible Host Discovery - ICMP (Response)
HIGH
2018/06/28DDI RULE 2685/vinfo/cn/threat-encyclopedia/network/ddi-rule-2685
DDI RULE 2686 Command Execution - SMB (Request)
HIGH
2018/06/26DDI RULE 2686/vinfo/cn/threat-encyclopedia/network/ddi-rule-2686
DDI RULE 2680 Acunetix Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/26DDI RULE 2680/vinfo/cn/threat-encyclopedia/network/ddi-rule-2680
DDI RULE 2681 DirBuster - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2681/vinfo/cn/threat-encyclopedia/network/ddi-rule-2681
DDI RULE 2682 NMAP - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2682/vinfo/cn/threat-encyclopedia/network/ddi-rule-2682
DDI RULE 2683 W3AF - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2683/vinfo/cn/threat-encyclopedia/network/ddi-rule-2683
DDI RULE 2684 GoLismero - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2684/vinfo/cn/threat-encyclopedia/network/ddi-rule-2684
DDI RULE 2651 JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2651/vinfo/cn/threat-encyclopedia/network/ddi-rule-2651
DDI RULE 2678 CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/06/25DDI RULE 2678/vinfo/cn/threat-encyclopedia/network/ddi-rule-2678
DDI RULE 2679 CVE-2016-3714 - ImageMagick Command Execution Exploit - HTTP (Request)
MEDIUM
2018/06/25DDI RULE 2679/vinfo/cn/threat-encyclopedia/network/ddi-rule-2679
DDI RULE 2674 Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/25DDI RULE 2674/vinfo/cn/threat-encyclopedia/network/ddi-rule-2674
DDI RULE 2675 Web Vulnerability Scanner - HTTP (Request) - Variant 2
HIGH
2018/06/25DDI RULE 2675/vinfo/cn/threat-encyclopedia/network/ddi-rule-2675
DDI RULE 2668 REGEORG - HTTP (Request)
HIGH
2018/06/25DDI RULE 2668/vinfo/cn/threat-encyclopedia/network/ddi-rule-2668
DDI RULE 2669 APT - DARKHOTEL - HTTP (Request)
HIGH
2018/06/21DDI RULE 2669/vinfo/cn/threat-encyclopedia/network/ddi-rule-2669
DDI RULE 2670 Comprehensive Tool - TDS (Request)
HIGH
2018/06/21DDI RULE 2670/vinfo/cn/threat-encyclopedia/network/ddi-rule-2670
DDI RULE 2671 Vulnerability Scanner - HTTP (Request) - Variant 3
HIGH
2018/06/21DDI RULE 2671/vinfo/cn/threat-encyclopedia/network/ddi-rule-2671
DDI RULE 2673 Earthworm Port Forwarding - TCP (Request)
HIGH
2018/06/21DDI RULE 2673/vinfo/cn/threat-encyclopedia/network/ddi-rule-2673
DDI RULE 2664 CreateService - SMB (Request)
HIGH
2018/06/21DDI RULE 2664/vinfo/cn/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2665 SOFACY - HTTP (Request)
MEDIUM
2018/06/20DDI RULE 2665/vinfo/cn/threat-encyclopedia/network/ddi-rule-2665
DDI RULE 2667 CVE-2018-9995 Authentication Bypass Exploit - HTTP (Request)
HIGH
2018/06/20DDI RULE 2667/vinfo/cn/threat-encyclopedia/network/ddi-rule-2667
DDI RULE 2663 APT - EXFRAM - TCP (Request)
HIGH
2018/06/19DDI RULE 2663/vinfo/cn/threat-encyclopedia/network/ddi-rule-2663
DDI RULE 2386 C99 PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2386/vinfo/cn/threat-encyclopedia/network/ddi-rule-2386
DDI RULE 2387 DK PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2387/vinfo/cn/threat-encyclopedia/network/ddi-rule-2387
DDI RULE 2417 CVE-2017-7494 - Remote Code Execution - SMB (Request) - Variant 2
MEDIUM
2018/06/19DDI RULE 2417/vinfo/cn/threat-encyclopedia/network/ddi-rule-2417
DDI RULE 2658 Ghost WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2658/vinfo/cn/threat-encyclopedia/network/ddi-rule-2658
DDI RULE 2659 PHP WebShell - HTTP (Request) - Variant 2
MEDIUM
2018/06/18DDI RULE 2659/vinfo/cn/threat-encyclopedia/network/ddi-rule-2659
DDI RULE 2660 ASP WebShell - HTTP (Request)
HIGH
2018/06/18DDI RULE 2660/vinfo/cn/threat-encyclopedia/network/ddi-rule-2660
DDI RULE 2661 HYTOP2006 ASP WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2661/vinfo/cn/threat-encyclopedia/network/ddi-rule-2661
DDI RULE 2662 PHPSPY WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2662/vinfo/cn/threat-encyclopedia/network/ddi-rule-2662
DDI RULE 266 GOZI - HTTP (Request)
HIGH
2018/06/12DDI RULE 266/vinfo/cn/threat-encyclopedia/network/ddi-rule-266
DDI RULE 2655 Possible CVE-2017-9506 Atlassian OAuth Proxy Exploit - HTTP (Request)
MEDIUM
2018/06/12DDI RULE 2655/vinfo/cn/threat-encyclopedia/network/ddi-rule-2655
DDI RULE 2656 CVE-2018-1418 - QRADAR Command Injection - HTTP (Request)
HIGH
2018/06/12DDI RULE 2656/vinfo/cn/threat-encyclopedia/network/ddi-rule-2656
DDI RULE 2602 RIG - Exploit Kit - HTTP (Request) - Variant 5
HIGH
2018/06/06DDI RULE 2602/vinfo/cn/threat-encyclopedia/network/ddi-rule-2602
DDI RULE 2653 PHOTOMINER - HTTP (Response)
HIGH
2018/06/05DDI RULE 2653/vinfo/cn/threat-encyclopedia/network/ddi-rule-2653
DDI RULE 2654 Powershell - SMB
MEDIUM
2018/06/05DDI RULE 2654/vinfo/cn/threat-encyclopedia/network/ddi-rule-2654
DDI RULE 2418 Suspicious file rename - SMB (Request)
HIGH
2018/06/05DDI RULE 2418/vinfo/cn/threat-encyclopedia/network/ddi-rule-2418
DDI RULE 2445 Suspicious file rename - SMB2 (Request)
HIGH
2018/06/05DDI RULE 2445/vinfo/cn/threat-encyclopedia/network/ddi-rule-2445
DDI RULE 2652 VPNFILTER - HTTP (Request)
HIGH
2018/06/04DDI RULE 2652/vinfo/cn/threat-encyclopedia/network/ddi-rule-2652
DDI RULE 2649 GRANDSOFT - Exploit Kit - HTTP (Request)
HIGH
2018/05/30DDI RULE 2649/vinfo/cn/threat-encyclopedia/network/ddi-rule-2649
DDI RULE 2650 ANDROM - HTTP (Response)
MEDIUM
2018/05/30DDI RULE 2650/vinfo/cn/threat-encyclopedia/network/ddi-rule-2650
DDI RULE 2624 POWERDNS - DNS (Response)
HIGH
2018/05/30DDI RULE 2624/vinfo/cn/threat-encyclopedia/network/ddi-rule-2624
DDI RULE 2648 CVE-2018-1000136 Electron Node Integration Exploit - HTTP (Request)
HIGH
2018/05/28DDI RULE 2648/vinfo/cn/threat-encyclopedia/network/ddi-rule-2648
DDI RULE 2647 ANDROM - HTTP (Request)
HIGH
2018/05/22DDI RULE 2647/vinfo/cn/threat-encyclopedia/network/ddi-rule-2647
DDI RULE 2645 CVE-2017-16598 Netgain SNMPWALK IP Directory Traversal Exploit - HTTP (Request)
HIGH
2018/05/21DDI RULE 2645/vinfo/cn/threat-encyclopedia/network/ddi-rule-2645
DDI RULE 2646 CVE-2018-1111 Remote Code Injection Exploit - DHCP (Response)
HIGH
2018/05/21DDI RULE 2646/vinfo/cn/threat-encyclopedia/network/ddi-rule-2646
DDI RULE 2641 CVE-2018-1308 Apache Solr Data Import Handler XML Exploit - HTTP (Request)
HIGH
2018/05/21DDI RULE 2641/vinfo/cn/threat-encyclopedia/network/ddi-rule-2641
DDI RULE 2644 Suspicious Access to a bit Domain - DNS (Response)
MEDIUM
2018/05/17DDI RULE 2644/vinfo/cn/threat-encyclopedia/network/ddi-rule-2644
DDI RULE 2072 CVE-2016-3081 - Remote Code Execution - HTTP (Request) - Variant 2
LOW
2018/05/17DDI RULE 2072/vinfo/cn/threat-encyclopedia/network/ddi-rule-2072
DDI RULE 2642 NEGASTEAL - HTTP (Request)
HIGH
2018/05/16DDI RULE 2642/vinfo/cn/threat-encyclopedia/network/ddi-rule-2642
DDI RULE 2643 NECURS - SMB
HIGH
2018/05/16DDI RULE 2643/vinfo/cn/threat-encyclopedia/network/ddi-rule-2643
DDI RULE 2638 CVE-2018-7602 - Remote Code Execution - HTTP (Request)
HIGH
2018/05/15DDI RULE 2638/vinfo/cn/threat-encyclopedia/network/ddi-rule-2638
DDI RULE 2640 CVE-2018-5443 Advantech Webaccess SQL Injection - HTTP (Request)
HIGH
2018/05/15DDI RULE 2640/vinfo/cn/threat-encyclopedia/network/ddi-rule-2640
DDI RULE 2637 CVE-2018-0171 Buffer Overflow - TCP (Request)
MEDIUM
2018/05/09DDI RULE 2637/vinfo/cn/threat-encyclopedia/network/ddi-rule-2637
DDI RULE 2625 UDPOS - DNS (Request)
HIGH
2018/05/09DDI RULE 2625/vinfo/cn/threat-encyclopedia/network/ddi-rule-2625
DDI RULE 2574 CVE-2017-16943 EXIM Remote Code Execution exploit - SMTP (Request)
MEDIUM
2018/05/08DDI RULE 2574/vinfo/cn/threat-encyclopedia/network/ddi-rule-2574
DDI RULE 2635 Abnormal x509v3 Subject Key Identifier extension - HTTPS (Response)
LOW
2018/05/07DDI RULE 2635/vinfo/cn/threat-encyclopedia/network/ddi-rule-2635
DDI RULE 2636 Executable File inside Certificate - HTTPS (Response)
HIGH
2018/05/07DDI RULE 2636/vinfo/cn/threat-encyclopedia/network/ddi-rule-2636
DDI RULE 2633 JAKU - HTTP (Request)
HIGH
2018/05/03DDI RULE 2633/vinfo/cn/threat-encyclopedia/network/ddi-rule-2633
DDI RULE 2634 KWAMPIRS - HTTP (Request)
HIGH
2018/05/03DDI RULE 2634/vinfo/cn/threat-encyclopedia/network/ddi-rule-2634
DDI RULE 2631 CVE-2018-9843 Rest API Remote Code Execution - HTTP (Request)
HIGH
2018/05/03DDI RULE 2631/vinfo/cn/threat-encyclopedia/network/ddi-rule-2631
DDI RULE 2630 HNAP1 Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/05/02DDI RULE 2630/vinfo/cn/threat-encyclopedia/network/ddi-rule-2630
DDI RULE 2604 CVE-2018-6389 WordPress Load-Scripts Exploit - HTTP (Request)
HIGH
2018/05/02DDI RULE 2604/vinfo/cn/threat-encyclopedia/network/ddi-rule-2604
DDI RULE 2627 Possible EMPIRE - HTTP (Request)
HIGH
2018/04/24DDI RULE 2627/vinfo/cn/threat-encyclopedia/network/ddi-rule-2627
DDI RULE 2628 HNAP1 Buffer Overflow Exploit - HTTP (Request)
MEDIUM
2018/04/24DDI RULE 2628/vinfo/cn/threat-encyclopedia/network/ddi-rule-2628
DDI RULE 2572 HTA PowerShell Empire - HTTP (Request) - Variant 2
HIGH
2018/04/24DDI RULE 2572/vinfo/cn/threat-encyclopedia/network/ddi-rule-2572
DDI RULE 2037 Possible HTA PowerShell Empire (Request)
HIGH
2018/04/24DDI RULE 2037/vinfo/cn/threat-encyclopedia/network/ddi-rule-2037
DDI RULE 2049 LETSENCRYPT SSL CERTIFICATE detected
HIGH
2018/04/16DDI RULE 2049/vinfo/cn/threat-encyclopedia/network/ddi-rule-2049
DDI RULE 2622 CVE-2013-4810 JBoss AS Marshalled Object Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/04/10DDI RULE 2622/vinfo/cn/threat-encyclopedia/network/ddi-rule-2622
DDI RULE 2618 CVE-2018-0833 Denial of Service - SMB2 (Response)
HIGH
2018/04/10DDI RULE 2618/vinfo/cn/threat-encyclopedia/network/ddi-rule-2618
DDI RULE 2619 CVE-2013-2618 Network Weathermap Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/04/10DDI RULE 2619/vinfo/cn/threat-encyclopedia/network/ddi-rule-2619
DDI RULE 262 FAKEAV - HTTP (Request) - Variant 23
HIGH
2018/04/10DDI RULE 262/vinfo/cn/threat-encyclopedia/network/ddi-rule-262
DDI RULE 2605 UDPOS - HTTP (Request)
HIGH
2018/04/10DDI RULE 2605/vinfo/cn/threat-encyclopedia/network/ddi-rule-2605
DDI RULE 1179 ZBOT - HTTP (Request) - Variant 4
HIGH
2018/04/05DDI RULE 1179/vinfo/cn/threat-encyclopedia/network/ddi-rule-1179
DDI RULE 118 Public C&C IP address - IRC (Request)
MEDIUM
2018/04/05DDI RULE 118/vinfo/cn/threat-encyclopedia/network/ddi-rule-118
DDI RULE 2458 COMMAND INJECTION IN URI - HTTP
HIGH
2018/04/05DDI RULE 2458/vinfo/cn/threat-encyclopedia/network/ddi-rule-2458
DDI RULE 2620 Suspicious Executable File Download - HTTP (Response)
HIGH
2018/04/04DDI RULE 2620/vinfo/cn/threat-encyclopedia/network/ddi-rule-2620
DDI RULE 2616 Suspicious CWS Flash - HTTP (Response)
MEDIUM
2018/03/28DDI RULE 2616/vinfo/cn/threat-encyclopedia/network/ddi-rule-2616
DDI RULE 2617 GANDCRAB - Ransomware - HTTP (Response)
HIGH
2018/03/28DDI RULE 2617/vinfo/cn/threat-encyclopedia/network/ddi-rule-2617
DDI RULE 2562 Signed Malware Certificate - SSL
MEDIUM
2018/03/28DDI RULE 2562/vinfo/cn/threat-encyclopedia/network/ddi-rule-2562
DDI RULE 634 APT - DARKCOMET - HTTP (Request)
HIGH
2018/03/26DDI RULE 634/vinfo/cn/threat-encyclopedia/network/ddi-rule-634
DDI RULE 673 RAMNIT - TCP
HIGH
2018/03/26DDI RULE 673/vinfo/cn/threat-encyclopedia/network/ddi-rule-673
DDI RULE 1127 AUTORUN - HTTP (Request)
HIGH
2018/03/26DDI RULE 1127/vinfo/cn/threat-encyclopedia/network/ddi-rule-1127
DDI RULE 1454 NJW0RM TCP Request
HIGH
2018/03/26DDI RULE 1454/vinfo/cn/threat-encyclopedia/network/ddi-rule-1454
DDI RULE 1563 APT - DARKCOMET - TCP - Variant 3
HIGH
2018/03/26DDI RULE 1563/vinfo/cn/threat-encyclopedia/network/ddi-rule-1563
DDI RULE 1809 CRYPTESLA - Ransomware - HTTP (Response)
HIGH
2018/03/26DDI RULE 1809/vinfo/cn/threat-encyclopedia/network/ddi-rule-1809
DDI RULE 2157 LOKI - HTTP (Request)
HIGH
2018/03/26DDI RULE 2157/vinfo/cn/threat-encyclopedia/network/ddi-rule-2157
DDI RULE 2141 ATMOS - HTTP (Response)
HIGH
2018/03/26DDI RULE 2141/vinfo/cn/threat-encyclopedia/network/ddi-rule-2141
DDI RULE 2314 MALICIOUS - HTTP (Response)
HIGH
2018/03/26DDI RULE 2314/vinfo/cn/threat-encyclopedia/network/ddi-rule-2314
DDI RULE 2232 RULTAZO - HTTP (Request)
HIGH
2018/03/26DDI RULE 2232/vinfo/cn/threat-encyclopedia/network/ddi-rule-2232
DDI RULE 2279 QUANTLOADER - HTTP (Request)
HIGH
2018/03/26DDI RULE 2279/vinfo/cn/threat-encyclopedia/network/ddi-rule-2279
DDI RULE 2504 CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response)
HIGH
2018/03/21DDI RULE 2504/vinfo/cn/threat-encyclopedia/network/ddi-rule-2504
DDI RULE 2615 CVE-2017-12629 Apache Solr XML RCE Exploit - HTTP (Request)
HIGH
2018/03/20DDI RULE 2615/vinfo/cn/threat-encyclopedia/network/ddi-rule-2615
DDI RULE 319 VIRTUMONDE - HTTP (Request)
MEDIUM
2018/03/20DDI RULE 319/vinfo/cn/threat-encyclopedia/network/ddi-rule-319
DDI RULE 32 Suspicious executable file extension - Variant 3
MEDIUM
2018/03/20DDI RULE 32/vinfo/cn/threat-encyclopedia/network/ddi-rule-32
DDI RULE 2610 Possible MEMCACHED Amplified DDOS Attempt - UDP (Request)
HIGH
2018/03/19DDI RULE 2610/vinfo/cn/threat-encyclopedia/network/ddi-rule-2610
DDI RULE 2611 CANNIBALRAT - HTTP (Request)
HIGH
2018/03/19DDI RULE 2611/vinfo/cn/threat-encyclopedia/network/ddi-rule-2611
DDI RULE 2612 NETWIRED - TCP (Request)
HIGH
2018/03/19DDI RULE 2612/vinfo/cn/threat-encyclopedia/network/ddi-rule-2612
DDI RULE 2613 POWERSHELL Download - HTTP (Request) - Variant 2
HIGH
2018/03/19DDI RULE 2613/vinfo/cn/threat-encyclopedia/network/ddi-rule-2613
DDI RULE 1571 ZOLLARD Command Execution - HTTP (Request)
HIGH
2018/03/15DDI RULE 1571/vinfo/cn/threat-encyclopedia/network/ddi-rule-1571
DDI RULE 1434 Remote PHP-CGI Command Execution - HTTP (Request)
HIGH
2018/03/15DDI RULE 1434/vinfo/cn/threat-encyclopedia/network/ddi-rule-1434
DDI RULE 2608 EMOTET - HTTP (Response) - Variant 2
HIGH
2018/03/12DDI RULE 2608/vinfo/cn/threat-encyclopedia/network/ddi-rule-2608
DDI RULE 2609 HANCITOR - HTTP (Request) - Variant 3
HIGH
2018/03/12DDI RULE 2609/vinfo/cn/threat-encyclopedia/network/ddi-rule-2609
DDI RULE 1450 ZBOT - HTTP (Request) - Variant 6
HIGH
2018/03/08DDI RULE 1450/vinfo/cn/threat-encyclopedia/network/ddi-rule-1450
DDI RULE 2380 CVE-2017-0147 - Information Disclosure Exploit - SMB (Request)
MEDIUM
2018/03/07DDI RULE 2380/vinfo/cn/threat-encyclopedia/network/ddi-rule-2380
DDI RULE 2382 CVE-2017-0145 - Remote Code Execution - SMB (Request)
MEDIUM
2018/03/07DDI RULE 2382/vinfo/cn/threat-encyclopedia/network/ddi-rule-2382
DDI RULE 2383 CVE-2017-0144 - Remote Code Execution - SMB (Request)
HIGH
2018/03/07DDI RULE 2383/vinfo/cn/threat-encyclopedia/network/ddi-rule-2383
DDI RULE 2435 MS17-010 - Remote Code Execution - SMB (Request)
MEDIUM
2018/03/07DDI RULE 2435/vinfo/cn/threat-encyclopedia/network/ddi-rule-2435
DDI RULE 2528 MS17-010 - Remote Code Execution - SMB (Request) - Variant 2
HIGH
2018/03/07DDI RULE 2528/vinfo/cn/threat-encyclopedia/network/ddi-rule-2528
DDI RULE 1896 ANDROID METERPRETER REVERSE TCP Response
HIGH
2018/03/01DDI RULE 1896/vinfo/cn/threat-encyclopedia/network/ddi-rule-1896
DDI RULE 1897 ANDROID SHELL REVERSE TCP Response
HIGH
2018/03/01DDI RULE 1897/vinfo/cn/threat-encyclopedia/network/ddi-rule-1897
DDI RULE 2000 REVERSE TCP DLLINJECT METASPLOIT PAYLOAD
HIGH
2018/03/01DDI RULE 2000/vinfo/cn/threat-encyclopedia/network/ddi-rule-2000
DDI RULE 2001 LSASS Dump File Upload
LOW
2018/03/01DDI RULE 2001/vinfo/cn/threat-encyclopedia/network/ddi-rule-2001
DDI RULE 2436 CVE-2017-8543 - Remote Code Execution - SMB (Request)
HIGH
2018/03/01DDI RULE 2436/vinfo/cn/threat-encyclopedia/network/ddi-rule-2436
DDI RULE 2493 CVE-2017-8759 - SOAP WSDL Command Injection Exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2493/vinfo/cn/threat-encyclopedia/network/ddi-rule-2493
DDI RULE 2490 CVE-2017-9805 - ApacheStruts XStream RCE Exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2490/vinfo/cn/threat-encyclopedia/network/ddi-rule-2490
DDI RULE 2491 CVE-2017-12611 - APACHE STRUTS EXPLOIT - HTTP (Request)
HIGH
2018/03/01DDI RULE 2491/vinfo/cn/threat-encyclopedia/network/ddi-rule-2491
DDI RULE 2505 Linux Reverse Shell - TCP (Response)
HIGH
2018/03/01DDI RULE 2505/vinfo/cn/threat-encyclopedia/network/ddi-rule-2505
DDI RULE 2502 CVE-2017-5689 - Intel AMT Digest Authentication Bypass exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2502/vinfo/cn/threat-encyclopedia/network/ddi-rule-2502
DDI RULE 2539 AVTECH Authentication ByPass Exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2539/vinfo/cn/threat-encyclopedia/network/ddi-rule-2539
DDI RULE 2550 DLINK Command Injection Exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2550/vinfo/cn/threat-encyclopedia/network/ddi-rule-2550
DDI RULE 2543 VACRON Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/03/01DDI RULE 2543/vinfo/cn/threat-encyclopedia/network/ddi-rule-2543
DDI RULE 2601 CVE-2017-12635 Apache CouchDB Escalation Privilege - HTTP (Request)
HIGH
2018/03/01DDI RULE 2601/vinfo/cn/threat-encyclopedia/network/ddi-rule-2601
DDI RULE 2607 NUKESPED - TCP (Response)
HIGH
2018/03/01DDI RULE 2607/vinfo/cn/threat-encyclopedia/network/ddi-rule-2607
DDI RULE 2593 CVE-2017-4933 VMWDynResolution Buffer Overflow Exploit - VNC (Request)
HIGH
2018/03/01DDI RULE 2593/vinfo/cn/threat-encyclopedia/network/ddi-rule-2593
DDI RULE 2409 File renamed - LOCKY - Ransomware - SMB (Request)
HIGH
2018/02/28DDI RULE 2409/vinfo/cn/threat-encyclopedia/network/ddi-rule-2409
DDI RULE 241 Incorrect Content-Type value in header - HTTP (Response) - Variant 2
MEDIUM
2018/02/28DDI RULE 241/vinfo/cn/threat-encyclopedia/network/ddi-rule-241
DDI RULE 2410 File renamed - CRYSIS - Ransomware - SMB (Request)
HIGH
2018/02/28DDI RULE 2410/vinfo/cn/threat-encyclopedia/network/ddi-rule-2410
DDI RULE 2365 File renamed - SOREBRECT - Ransomware - SMB (Request)
HIGH
2018/02/28DDI RULE 2365/vinfo/cn/threat-encyclopedia/network/ddi-rule-2365
DDI RULE 2606 HTA Download - HTTP (Request)
LOW
2018/02/26DDI RULE 2606/vinfo/cn/threat-encyclopedia/network/ddi-rule-2606
DDI RULE 1667 CVE-2014-6332 - OLE Array Remote Code Execution HTTP Exploit
HIGH
2018/02/22DDI RULE 1667/vinfo/cn/threat-encyclopedia/network/ddi-rule-1667
DDI RULE 2603 CVE-2017-12636 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/02/21DDI RULE 2603/vinfo/cn/threat-encyclopedia/network/ddi-rule-2603
DDI RULE 1540 RIG Exploit - HTTP (Request) - Variant 2
HIGH
2018/02/19DDI RULE 1540/vinfo/cn/threat-encyclopedia/network/ddi-rule-1540
DDI RULE 1578 RIG Exploit - HTTP (Request)
HIGH
2018/02/19DDI RULE 1578/vinfo/cn/threat-encyclopedia/network/ddi-rule-1578
DDI RULE 1799 CRYPTESLA - HTTP (Request) - Variant 2
HIGH
2018/02/19DDI RULE 1799/vinfo/cn/threat-encyclopedia/network/ddi-rule-1799
DDI RULE 1790 CRYPTESLA HTTP REQUEST
HIGH
2018/02/19DDI RULE 1790/vinfo/cn/threat-encyclopedia/network/ddi-rule-1790
DDI RULE 1860 CRYPTESLA - Ransomware - HTTP (Request) - Variant 3
HIGH
2018/02/19DDI RULE 1860/vinfo/cn/threat-encyclopedia/network/ddi-rule-1860
DDI RULE 2032 CRYPTESLA - Ransomware - HTTP (Request) - Variant 4
HIGH
2018/02/19DDI RULE 2032/vinfo/cn/threat-encyclopedia/network/ddi-rule-2032
DDI RULE 2131 RIG - Exploit Kit - HTTP (Request) - Variant 3
HIGH
2018/02/19DDI RULE 2131/vinfo/cn/threat-encyclopedia/network/ddi-rule-2131
DDI RULE 2441 PsExec PETYA - Ransomware - SMB
HIGH
2018/02/13DDI RULE 2441/vinfo/cn/threat-encyclopedia/network/ddi-rule-2441
DDI RULE 2442 Possible PsExec PETYA - Ransomware - SMB
MEDIUM
2018/02/13DDI RULE 2442/vinfo/cn/threat-encyclopedia/network/ddi-rule-2442
DDI RULE 2527 CreateService BADRABBIT - Ransomware - SMB
HIGH
2018/02/13DDI RULE 2527/vinfo/cn/threat-encyclopedia/network/ddi-rule-2527
DDI RULE 2598 PsExec PETYA - Ransomware - SMB2
HIGH
2018/02/13DDI RULE 2598/vinfo/cn/threat-encyclopedia/network/ddi-rule-2598
DDI RULE 2599 CreateService BADRABBIT - Ransomware - SMB2
HIGH
2018/02/13DDI RULE 2599/vinfo/cn/threat-encyclopedia/network/ddi-rule-2599
DDI RULE 2594 CVE-2017-3506 - Oracle Weblogic Exploit - HTTP (Request)
HIGH
2018/02/13DDI RULE 2594/vinfo/cn/threat-encyclopedia/network/ddi-rule-2594
DDI RULE 2595 CROSSRAT - TCP (Request)
HIGH
2018/02/12DDI RULE 2595/vinfo/cn/threat-encyclopedia/network/ddi-rule-2595
DDI RULE 2596 SMOMINRU - HTTP (Request)
HIGH
2018/02/12DDI RULE 2596/vinfo/cn/threat-encyclopedia/network/ddi-rule-2596
DDI RULE 2597 GANDCRAB - Ransomware - HTTP (Request)
HIGH
2018/02/12DDI RULE 2597/vinfo/cn/threat-encyclopedia/network/ddi-rule-2597
DDI RULE 2592 PROTUX - HTTP (Request) - Variant 2
HIGH
2018/02/12DDI RULE 2592/vinfo/cn/threat-encyclopedia/network/ddi-rule-2592
DDI RULE 2357 CVE-2017-7269 - WebDAV Buffer Overflow - HTTP (Request)
HIGH
2018/02/07DDI RULE 2357/vinfo/cn/threat-encyclopedia/network/ddi-rule-2357
DDI RULE 1854 SWITREX LOGIN Request
HIGH
2018/02/06DDI RULE 1854/vinfo/cn/threat-encyclopedia/network/ddi-rule-1854
DDI RULE 2591 KRBANKER - HTTP (Response)
HIGH
2018/01/30DDI RULE 2591/vinfo/cn/threat-encyclopedia/network/ddi-rule-2591
DDI RULE 2560 SAD - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2560/vinfo/cn/threat-encyclopedia/network/ddi-rule-2560
DDI RULE 2561 DYNAMER - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 2561/vinfo/cn/threat-encyclopedia/network/ddi-rule-2561
DDI RULE 2570 UBOATRAT - HTTP (Request)
HIGH
2018/01/25DDI RULE 2570/vinfo/cn/threat-encyclopedia/network/ddi-rule-2570
DDI RULE 2571 MAILSPLOIT - SMTP (Request)
HIGH
2018/01/25DDI RULE 2571/vinfo/cn/threat-encyclopedia/network/ddi-rule-2571
DDI RULE 2577 DIGMINE - HTTP (Request)
HIGH
2018/01/25DDI RULE 2577/vinfo/cn/threat-encyclopedia/network/ddi-rule-2577
DDI RULE 2578 CVE-2017-17215 - Remote Code Execution - HTTP (Request)
HIGH
2018/01/25DDI RULE 2578/vinfo/cn/threat-encyclopedia/network/ddi-rule-2578
DDI RULE 2579 MALPHISH - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 2579/vinfo/cn/threat-encyclopedia/network/ddi-rule-2579
DDI RULE 258 FAKEAV - HTTP (Request) - Variant 8
HIGH
2018/01/25DDI RULE 258/vinfo/cn/threat-encyclopedia/network/ddi-rule-258
DDI RULE 2580 AGENT - HTTP (Request) - Variant 5
HIGH
2018/01/25DDI RULE 2580/vinfo/cn/threat-encyclopedia/network/ddi-rule-2580
DDI RULE 2581 BITMAN - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2581/vinfo/cn/threat-encyclopedia/network/ddi-rule-2581
DDI RULE 1096 RANSOM - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 1096/vinfo/cn/threat-encyclopedia/network/ddi-rule-1096
DDI RULE 1097 RANSOM - HTTP (Request) - Variant 3
HIGH
2018/01/25DDI RULE 1097/vinfo/cn/threat-encyclopedia/network/ddi-rule-1097
DDI RULE 1172 RANSOM - HTTP (Request) - Variant 5
HIGH
2018/01/25DDI RULE 1172/vinfo/cn/threat-encyclopedia/network/ddi-rule-1172
DDI RULE 1164 RANSOM - HTTP (Request) - Variant 4
HIGH
2018/01/25DDI RULE 1164/vinfo/cn/threat-encyclopedia/network/ddi-rule-1164
DDI RULE 1213 RANSOM - HTTP (Request) - Variant 6
HIGH
2018/01/25DDI RULE 1213/vinfo/cn/threat-encyclopedia/network/ddi-rule-1213
DDI RULE 1500 RANSOM TCP Request - Class 1
HIGH
2018/01/25DDI RULE 1500/vinfo/cn/threat-encyclopedia/network/ddi-rule-1500
DDI RULE 1302 RANSOM - HTTP (Request) - Variant 7
HIGH
2018/01/25DDI RULE 1302/vinfo/cn/threat-encyclopedia/network/ddi-rule-1302
DDI RULE 1295 RANSOM - HTTP (Request) - Variant 9
HIGH
2018/01/25DDI RULE 1295/vinfo/cn/threat-encyclopedia/network/ddi-rule-1295
DDI RULE 1614 RANSOM - HTTP (Request) - Variant 13
HIGH
2018/01/25DDI RULE 1614/vinfo/cn/threat-encyclopedia/network/ddi-rule-1614
DDI RULE 1771 RANSOM TCP Request - Class 2
HIGH
2018/01/25DDI RULE 1771/vinfo/cn/threat-encyclopedia/network/ddi-rule-1771
DDI RULE 2148 JSRAA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2148/vinfo/cn/threat-encyclopedia/network/ddi-rule-2148
DDI RULE 2153 SATANA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2153/vinfo/cn/threat-encyclopedia/network/ddi-rule-2153
DDI RULE 2071 CERBER - Ransomware - UDP
HIGH
2018/01/25DDI RULE 2071/vinfo/cn/threat-encyclopedia/network/ddi-rule-2071
DDI RULE 2074 SURPRISE - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2074/vinfo/cn/threat-encyclopedia/network/ddi-rule-2074
DDI RULE 2077 CRYPNISCA - Ransomware - UDP
HIGH
2018/01/25DDI RULE 2077/vinfo/cn/threat-encyclopedia/network/ddi-rule-2077
DDI RULE 2344 SPORA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2344/vinfo/cn/threat-encyclopedia/network/ddi-rule-2344
DDI RULE 2292 SPICYCRYPT - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2292/vinfo/cn/threat-encyclopedia/network/ddi-rule-2292
DDI RULE 2271 WILDFIRE - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2271/vinfo/cn/threat-encyclopedia/network/ddi-rule-2271
DDI RULE 2227 SKEEYAH - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2227/vinfo/cn/threat-encyclopedia/network/ddi-rule-2227
DDI RULE 2554 ICEDID - HTTP (Request)
HIGH
2018/01/25DDI RULE 2554/vinfo/cn/threat-encyclopedia/network/ddi-rule-2554
DDI RULE 2555 TOXOCARA - HTTP (Request)
HIGH
2018/01/25DDI RULE 2555/vinfo/cn/threat-encyclopedia/network/ddi-rule-2555
DDI RULE 2556 TIGGRE - TCP (Request)
HIGH
2018/01/25DDI RULE 2556/vinfo/cn/threat-encyclopedia/network/ddi-rule-2556
DDI RULE 2557 VOLGMER - HTTP (Request)
HIGH
2018/01/25DDI RULE 2557/vinfo/cn/threat-encyclopedia/network/ddi-rule-2557
DDI RULE 2558 CVE-2017-11779 - DNSAPI NSEC3 Buffer Overflow Exploit - DNS (Response)
HIGH
2018/01/25DDI RULE 2558/vinfo/cn/threat-encyclopedia/network/ddi-rule-2558
DDI RULE 2590 CVE-2017-6736 - Remote Code Execution Exploit - SNMP (Request)
MEDIUM
2018/01/24DDI RULE 2590/vinfo/cn/threat-encyclopedia/network/ddi-rule-2590
DDI RULE 2588 CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/01/22DDI RULE 2588/vinfo/cn/threat-encyclopedia/network/ddi-rule-2588
DDI RULE 2352 CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2
HIGH
2018/01/22DDI RULE 2352/vinfo/cn/threat-encyclopedia/network/ddi-rule-2352
DDI RULE 2589 LOKI - HTTP (Response)
HIGH
2018/01/18DDI RULE 2589/vinfo/cn/threat-encyclopedia/network/ddi-rule-2589
DDI RULE 2586 NECURS - HTTP (Request) - Variant 4
MEDIUM
2018/01/16DDI RULE 2586/vinfo/cn/threat-encyclopedia/network/ddi-rule-2586
DDI RULE 2587 SAGECRYPT - HTTP (Request)
MEDIUM
2018/01/16DDI RULE 2587/vinfo/cn/threat-encyclopedia/network/ddi-rule-2587
DDI RULE 2565 Data Exfiltration - ICMP (Request)
MEDIUM
2018/01/16DDI RULE 2565/vinfo/cn/threat-encyclopedia/network/ddi-rule-2565
DDI RULE 1250 FAKEAV - HTTP (Request) - Variant 35
HIGH
2018/01/16DDI RULE 1250/vinfo/cn/threat-encyclopedia/network/ddi-rule-1250
DDI RULE 1397 FAKEAV - HTTP (Request) - Variant 25
HIGH
2018/01/16DDI RULE 1397/vinfo/cn/threat-encyclopedia/network/ddi-rule-1397
DDI RULE 1475 FAKEAV - HTTP (Request) - Variant 37
HIGH
2018/01/16DDI RULE 1475/vinfo/cn/threat-encyclopedia/network/ddi-rule-1475
DDI RULE 1476 FAKEAV - HTTP (Request) - Variant 38
HIGH
2018/01/16DDI RULE 1476/vinfo/cn/threat-encyclopedia/network/ddi-rule-1476
DDI RULE 2585 Ratankba Downloader - HTTP (Response)
HIGH
2018/01/15DDI RULE 2585/vinfo/cn/threat-encyclopedia/network/ddi-rule-2585
DDI RULE 2583 Powershell script requested from root directory - HTTP (Request)
HIGH
2018/01/15DDI RULE 2583/vinfo/cn/threat-encyclopedia/network/ddi-rule-2583
DDI RULE 2582 CVE-2017-3248 - UnicastRef Insecure Deserialization
HIGH
2018/01/11DDI RULE 2582/vinfo/cn/threat-encyclopedia/network/ddi-rule-2582
DDI RULE 2345 RATANKBA - HTTP (Request)
HIGH
2018/01/11DDI RULE 2345/vinfo/cn/threat-encyclopedia/network/ddi-rule-2345
DDI RULE 2294 SUNDOWN - Exploit Kit - HTTP (Request)
HIGH
2018/01/09DDI RULE 2294/vinfo/cn/threat-encyclopedia/network/ddi-rule-2294
DDI RULE 2575 Command Injection via UPnP SOAP Interface - HTTP (Request)
HIGH
2018/01/09DDI RULE 2575/vinfo/cn/threat-encyclopedia/network/ddi-rule-2575
DDI RULE 2576 Electroneum (ETN) Webminer Malvertisement - HTTP (Request)
HIGH
2018/01/04DDI RULE 2576/vinfo/cn/threat-encyclopedia/network/ddi-rule-2576
DDI RULE 1479 RANSOM - HTTP (Request) - Variant 11
HIGH
2018/01/03DDI RULE 1479/vinfo/cn/threat-encyclopedia/network/ddi-rule-1479
DDI RULE 1518 RANSOM - HTTP (Request) - Variant 12
HIGH
2018/01/03DDI RULE 1518/vinfo/cn/threat-encyclopedia/network/ddi-rule-1518
DDI RULE 1344 RANSOM - HTTP (Request) - Variant 10
HIGH
2018/01/03DDI RULE 1344/vinfo/cn/threat-encyclopedia/network/ddi-rule-1344
DDI RULE 2076 CRYPZUQUIT - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2076/vinfo/cn/threat-encyclopedia/network/ddi-rule-2076
DDI RULE 2117 DEMOCRY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2117/vinfo/cn/threat-encyclopedia/network/ddi-rule-2117
DDI RULE 2028 LOCKY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2028/vinfo/cn/threat-encyclopedia/network/ddi-rule-2028
DDI RULE 2031 RANSOM HYDRA - HTTP (Request)
HIGH
2018/01/03DDI RULE 2031/vinfo/cn/threat-encyclopedia/network/ddi-rule-2031
DDI RULE 2020 RANSOM LECTOOL HTTP Request
HIGH
2018/01/03DDI RULE 2020/vinfo/cn/threat-encyclopedia/network/ddi-rule-2020
DDI RULE 2166 PIZACRYP - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2166/vinfo/cn/threat-encyclopedia/network/ddi-rule-2166
DDI RULE 2278 KARMA - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2278/vinfo/cn/threat-encyclopedia/network/ddi-rule-2278
DDI RULE 2284 HIDDENTEARHAPPY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2284/vinfo/cn/threat-encyclopedia/network/ddi-rule-2284
DDI RULE 2259 NUCLEAR - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2259/vinfo/cn/threat-encyclopedia/network/ddi-rule-2259
DDI RULE 2226 KAWAIILOCKER - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2226/vinfo/cn/threat-encyclopedia/network/ddi-rule-2226
DDI RULE 2251 LOCKY - Ransomware - HTTP (Request) - Variant 4
HIGH
2018/01/03DDI RULE 2251/vinfo/cn/threat-encyclopedia/network/ddi-rule-2251
DDI RULE 2373 MATRIX - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2373/vinfo/cn/threat-encyclopedia/network/ddi-rule-2373
DDI RULE 2375 MATRIX - Ransomware - HTTP (Response)
HIGH
2018/01/03DDI RULE 2375/vinfo/cn/threat-encyclopedia/network/ddi-rule-2375
DDI RULE 2305 EXMAS - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2305/vinfo/cn/threat-encyclopedia/network/ddi-rule-2305
DDI RULE 2563 Data Exfiltration - HTTP (Request)
HIGH
2017/12/28DDI RULE 2563/vinfo/cn/threat-encyclopedia/network/ddi-rule-2563
DDI RULE 2120 BUCBI - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2120/vinfo/cn/threat-encyclopedia/network/ddi-rule-2120
DDI RULE 2119 CRIPTODC - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2119/vinfo/cn/threat-encyclopedia/network/ddi-rule-2119
DDI RULE 2093 CRYPVAULT - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2093/vinfo/cn/threat-encyclopedia/network/ddi-rule-2093
DDI RULE 2094 CRYPCORE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2094/vinfo/cn/threat-encyclopedia/network/ddi-rule-2094
DDI RULE 2096 CRYPAPLHA - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2096/vinfo/cn/threat-encyclopedia/network/ddi-rule-2096
DDI RULE 2075 CRYPRADAM - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2075/vinfo/cn/threat-encyclopedia/network/ddi-rule-2075
DDI RULE 2061 CRYPWALL - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2061/vinfo/cn/threat-encyclopedia/network/ddi-rule-2061
DDI RULE 2337 CRYPSHIELD - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2337/vinfo/cn/threat-encyclopedia/network/ddi-rule-2337
DDI RULE 2338 CERBER - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2338/vinfo/cn/threat-encyclopedia/network/ddi-rule-2338
DDI RULE 2225 CRYPY - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2225/vinfo/cn/threat-encyclopedia/network/ddi-rule-2225
DDI RULE 2228 CRYPBEE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2228/vinfo/cn/threat-encyclopedia/network/ddi-rule-2228
DDI RULE 2229 BARTZ - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2229/vinfo/cn/threat-encyclopedia/network/ddi-rule-2229
DDI RULE 2217 CRYPHYDRA - Ransomware - HTTP (Request) - Variant 2
HIGH
2017/12/21DDI RULE 2217/vinfo/cn/threat-encyclopedia/network/ddi-rule-2217
DDI RULE 2403 CRYPMOLE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2403/vinfo/cn/threat-encyclopedia/network/ddi-rule-2403
DDI RULE 1289 MINER - HTTP (Request)
HIGH
2017/12/20DDI RULE 1289/vinfo/cn/threat-encyclopedia/network/ddi-rule-1289
DDI RULE 2573 MINER - TCP (Request)
MEDIUM
2017/12/20DDI RULE 2573/vinfo/cn/threat-encyclopedia/network/ddi-rule-2573
DDI RULE 2411 File renamed - WCRY - Ransomware - SMB (Request)
HIGH
2017/12/19DDI RULE 2411/vinfo/cn/threat-encyclopedia/network/ddi-rule-2411
DDI RULE 2261 GAFGYT - HTTP (Request)
HIGH
2017/12/18DDI RULE 2261/vinfo/cn/threat-encyclopedia/network/ddi-rule-2261
DDI RULE 153 Possible DOWNAD - Encrypted connection - TCP
LOW
2017/12/13DDI RULE 153/vinfo/cn/threat-encyclopedia/network/ddi-rule-153
DDI RULE 2568 COBALTSTRIKE - DNS (Response)
HIGH
2017/12/13DDI RULE 2568/vinfo/cn/threat-encyclopedia/network/ddi-rule-2568
DDI RULE 2569 TOXOCARA - DNS (Response)
HIGH
2017/12/13DDI RULE 2569/vinfo/cn/threat-encyclopedia/network/ddi-rule-2569
DDI RULE 2566 Data Exfiltration - DNS (Request)
HIGH
2017/12/07DDI RULE 2566/vinfo/cn/threat-encyclopedia/network/ddi-rule-2566
DDI RULE 2567 Data Exfiltration - UDP (Request)
HIGH
2017/12/07DDI RULE 2567/vinfo/cn/threat-encyclopedia/network/ddi-rule-2567
DDI RULE 2564 Data Exfiltration - TCP (Request)
HIGH
2017/12/07DDI RULE 2564/vinfo/cn/threat-encyclopedia/network/ddi-rule-2564
DDI RULE 2423 FATALISTICZ - HTTP
HIGH
2017/12/06DDI RULE 2423/vinfo/cn/threat-encyclopedia/network/ddi-rule-2423
DDI RULE 2559 CVE-2017-12149 - JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)
MEDIUM
2017/12/04DDI RULE 2559/vinfo/cn/threat-encyclopedia/network/ddi-rule-2559
DDI RULE 2516 Coinhive JavaScript Miner - HTTPS (Request)
LOW
2017/12/04DDI RULE 2516/vinfo/cn/threat-encyclopedia/network/ddi-rule-2516
DDI RULE 2552 Possible Brute force - Telnet (Response)
MEDIUM
2017/11/23DDI RULE 2552/vinfo/cn/threat-encyclopedia/network/ddi-rule-2552
DDI RULE 38 Multiple unsuccessful logon attempts
LOW
2017/11/23DDI RULE 38/vinfo/cn/threat-encyclopedia/network/ddi-rule-38
DDI RULE 386 UTOTI - HTTP (Request)
HIGH
2017/11/23DDI RULE 386/vinfo/cn/threat-encyclopedia/network/ddi-rule-386
DDI RULE 39 Host DNS query to a non-trusted DNS server
MEDIUM
2017/11/23DDI RULE 39/vinfo/cn/threat-encyclopedia/network/ddi-rule-39
DDI RULE 1034 KOOBFACE - HTTP (Request)
HIGH
2017/11/22DDI RULE 1034/vinfo/cn/threat-encyclopedia/network/ddi-rule-1034
