Network Content Inspection Rules
Default Rule:  
Enable
Disable
Rule IDRule DescriptionConfidence LevelDDI Default RuleNetwork Content Inspection Pattern Release Date
DDI RULE 2724 CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response)
MEDIUM
2018/10/08DDI RULE 2724/vinfo/cn/threat-encyclopedia/network/ddi-rule-2724
DDI RULE 2749 Possible IE Exploit - HTTP (Response) - Variant 4
LOW
2018/09/27DDI RULE 2749/vinfo/cn/threat-encyclopedia/network/ddi-rule-2749
DDI RULE 2750 CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/27DDI RULE 2750/vinfo/cn/threat-encyclopedia/network/ddi-rule-2750
DDI RULE 2751 Remote Command Shell - TCP
HIGH
2018/09/27DDI RULE 2751/vinfo/cn/threat-encyclopedia/network/ddi-rule-2751
DDI RULE 2752 Remote PowerShell - TCP
HIGH
2018/09/27DDI RULE 2752/vinfo/cn/threat-encyclopedia/network/ddi-rule-2752
DDI RULE 2736 ANTAK Webshell - HTTP (Request)
MEDIUM
2018/09/27DDI RULE 2736/vinfo/cn/threat-encyclopedia/network/ddi-rule-2736
DDI RULE 2728 NUUO Command Injection - HTTP (Request)
HIGH
2018/09/17DDI RULE 2728/vinfo/cn/threat-encyclopedia/network/ddi-rule-2728
DDI RULE 40 Unregistered service
LOW
2018/09/17DDI RULE 40/vinfo/cn/threat-encyclopedia/network/ddi-rule-40
DDI RULE 2746 BLUEBANANA - TCP (Request)
HIGH
2018/09/13DDI RULE 2746/vinfo/cn/threat-encyclopedia/network/ddi-rule-2746
DDI RULE 2747 IE Exploit - HTTP (Response)
HIGH
2018/09/13DDI RULE 2747/vinfo/cn/threat-encyclopedia/network/ddi-rule-2747
DDI RULE 2748 Possible IE Exploit - HTTP (Response) - Variant 3
LOW
2018/09/13DDI RULE 2748/vinfo/cn/threat-encyclopedia/network/ddi-rule-2748
DDI RULE 2745 CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/12DDI RULE 2745/vinfo/cn/threat-encyclopedia/network/ddi-rule-2745
DDI RULE 2167 ALFA - Ransomware - HTTP (Request)
HIGH
2018/09/04DDI RULE 2167/vinfo/cn/threat-encyclopedia/network/ddi-rule-2167
DDI RULE 2732 CVE-2009-3103 - Remote Code Execution - SMB2
HIGH
2018/09/04DDI RULE 2732/vinfo/cn/threat-encyclopedia/network/ddi-rule-2732
DDI RULE 2731 KAIXIN - Exploit Kit - HTTP (Response) - Variant 5
HIGH
2018/09/03DDI RULE 2731/vinfo/cn/threat-encyclopedia/network/ddi-rule-2731
DDI RULE 2714 KAIXIN - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2018/09/03DDI RULE 2714/vinfo/cn/threat-encyclopedia/network/ddi-rule-2714
DDI RULE 2730 OMRON FINS TCP Read Controller Attempt NSE - TCP (Request)
LOW
2018/08/30DDI RULE 2730/vinfo/cn/threat-encyclopedia/network/ddi-rule-2730
DDI RULE 2005 Possible EDELLROOT certificate detected
HIGH
2018/08/29DDI RULE 2005/vinfo/cn/threat-encyclopedia/network/ddi-rule-2005
DDI RULE 2011 UPATRE - HTTP (Request) - Variant 3
HIGH
2018/08/29DDI RULE 2011/vinfo/cn/threat-encyclopedia/network/ddi-rule-2011
DDI RULE 1128 BANLOAD - HTTP (Request)
HIGH
2018/08/29DDI RULE 1128/vinfo/cn/threat-encyclopedia/network/ddi-rule-1128
DDI RULE 1155 BITCOIN - HTTP (Request)
HIGH
2018/08/29DDI RULE 1155/vinfo/cn/threat-encyclopedia/network/ddi-rule-1155
DDI RULE 1663 CRAZYK - HTTP (Request)
HIGH
2018/08/29DDI RULE 1663/vinfo/cn/threat-encyclopedia/network/ddi-rule-1663
DDI RULE 2729 Possible IE Exploit - HTTP (Response) - Variant 2
LOW
2018/08/29DDI RULE 2729/vinfo/cn/threat-encyclopedia/network/ddi-rule-2729
DDI RULE 2413 TRICKBOT - HTTP (Request)
HIGH
2018/08/29DDI RULE 2413/vinfo/cn/threat-encyclopedia/network/ddi-rule-2413
DDI RULE 2416 DETOXCRYPTO - Ransomware - HTTP (Request)
HIGH
2018/08/29DDI RULE 2416/vinfo/cn/threat-encyclopedia/network/ddi-rule-2416
DDI RULE 2494 APT - ANEL - HTTP (Request)
HIGH
2018/08/29DDI RULE 2494/vinfo/cn/threat-encyclopedia/network/ddi-rule-2494
DDI RULE 2726 CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request)
HIGH
2018/08/24DDI RULE 2726/vinfo/cn/threat-encyclopedia/network/ddi-rule-2726
DDI RULE 2725 Reverse Meterpreter - HTTP (Response)
HIGH
2018/08/22DDI RULE 2725/vinfo/cn/threat-encyclopedia/network/ddi-rule-2725
DDI RULE 2711 UNDERMINER - Exploit Kit - HTTP (Response)
HIGH
2018/08/22DDI RULE 2711/vinfo/cn/threat-encyclopedia/network/ddi-rule-2711
DDI RULE 2698 APT - WATERHOLE - HTTP (Request) - Variant 2
HIGH
2018/08/22DDI RULE 2698/vinfo/cn/threat-encyclopedia/network/ddi-rule-2698
DDI RULE 2672 CKNIFE - HTTP (Request)
HIGH
2018/08/22DDI RULE 2672/vinfo/cn/threat-encyclopedia/network/ddi-rule-2672
DDI RULE 2676 PHP Webshell - HTTP (Request) - Variant 2
HIGH
2018/08/20DDI RULE 2676/vinfo/cn/threat-encyclopedia/network/ddi-rule-2676
DDI RULE 2690 JSPSPY Webshell - HTTP (Request)
HIGH
2018/08/20DDI RULE 2690/vinfo/cn/threat-encyclopedia/network/ddi-rule-2690
DDI RULE 2723 MAGNITUDE - Exploit Kit - HTTP (Response)
HIGH
2018/08/20DDI RULE 2723/vinfo/cn/threat-encyclopedia/network/ddi-rule-2723
DDI RULE 1552 APT - HAVEX - HTTP (Request)
HIGH
2018/08/13DDI RULE 1552/vinfo/cn/threat-encyclopedia/network/ddi-rule-1552
DDI RULE 1577 APT - PLUGX - HTTP (Request) - Variant 6
HIGH
2018/08/13DDI RULE 1577/vinfo/cn/threat-encyclopedia/network/ddi-rule-1577
DDI RULE 1583 APT - HCOREPWSTL - HTTP (Request)
HIGH
2018/08/13DDI RULE 1583/vinfo/cn/threat-encyclopedia/network/ddi-rule-1583
DDI RULE 1347 APT - Possible SIMBOT - HTTP (Request) - Variant 3
MEDIUM
2018/08/13DDI RULE 1347/vinfo/cn/threat-encyclopedia/network/ddi-rule-1347
DDI RULE 1415 APT - Possible POISONIVY - TCP (Request)
MEDIUM
2018/08/13DDI RULE 1415/vinfo/cn/threat-encyclopedia/network/ddi-rule-1415
DDI RULE 2720 CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request)
MEDIUM
2018/08/13DDI RULE 2720/vinfo/cn/threat-encyclopedia/network/ddi-rule-2720
DDI RULE 2719 WebScript Injection - HTTP (Request)
MEDIUM
2018/08/13DDI RULE 2719/vinfo/cn/threat-encyclopedia/network/ddi-rule-2719
DDI RULE 2716 BINBASH Download to an Image Extension - HTTP (Response)
HIGH
2018/08/09DDI RULE 2716/vinfo/cn/threat-encyclopedia/network/ddi-rule-2716
DDI RULE 2717 KAIXIN - Exploit Kit - HTTP (Request) - Variant 3
HIGH
2018/08/09DDI RULE 2717/vinfo/cn/threat-encyclopedia/network/ddi-rule-2717
DDI RULE 2718 S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request)
LOW
2018/08/09DDI RULE 2718/vinfo/cn/threat-encyclopedia/network/ddi-rule-2718
DDI RULE 2715 MINER CONFIG - HTTP (Response)
HIGH
2018/08/07DDI RULE 2715/vinfo/cn/threat-encyclopedia/network/ddi-rule-2715
DDI RULE 2429 EQUATED - Exploit Attempt - SMB (Response)
HIGH
2018/08/07DDI RULE 2429/vinfo/cn/threat-encyclopedia/network/ddi-rule-2429
DDI RULE 2384 Possible EQUATED - Remote Code Execution - SMB (Request)
LOW
2018/08/07DDI RULE 2384/vinfo/cn/threat-encyclopedia/network/ddi-rule-2384
DDI RULE 2390 EQUATED - SMB (Response)
HIGH
2018/08/07DDI RULE 2390/vinfo/cn/threat-encyclopedia/network/ddi-rule-2390
DDI RULE 1087 APT - FASWIK - TCP (Request)
HIGH
2018/08/06DDI RULE 1087/vinfo/cn/threat-encyclopedia/network/ddi-rule-1087
DDI RULE 1069 APT - Possible GHOSTRAT - TCP
MEDIUM
2018/08/06DDI RULE 1069/vinfo/cn/threat-encyclopedia/network/ddi-rule-1069
DDI RULE 1257 APT - CRIDEX - HTTP (Request) - Variant 3
HIGH
2018/08/06DDI RULE 1257/vinfo/cn/threat-encyclopedia/network/ddi-rule-1257
DDI RULE 1300 APT - FARFLI - HTTP (Request)
HIGH
2018/08/06DDI RULE 1300/vinfo/cn/threat-encyclopedia/network/ddi-rule-1300
DDI RULE 1303 APT - Possible BLYPT - HTTP (Request)
MEDIUM
2018/08/06DDI RULE 1303/vinfo/cn/threat-encyclopedia/network/ddi-rule-1303
DDI RULE 2710 FLAWEDAMMYY - TCP (Request)
HIGH
2018/08/06DDI RULE 2710/vinfo/cn/threat-encyclopedia/network/ddi-rule-2710
DDI RULE 2713 AVTECH Command Injection Exploit - HTTP (Request)
HIGH
2018/08/02DDI RULE 2713/vinfo/cn/threat-encyclopedia/network/ddi-rule-2713
DDI RULE 2709 CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response)
HIGH
2018/07/30DDI RULE 2709/vinfo/cn/threat-encyclopedia/network/ddi-rule-2709
DDI RULE 2704 Web Security Testing Tool - HTTP (Request) - Variant 2
HIGH
2018/07/26DDI RULE 2704/vinfo/cn/threat-encyclopedia/network/ddi-rule-2704
DDI RULE 2705 Android Debug Bridge Remote Code Execution - TCP (Request)
HIGH
2018/07/26DDI RULE 2705/vinfo/cn/threat-encyclopedia/network/ddi-rule-2705
DDI RULE 2706 OSTAP - HTTP (Request)
HIGH
2018/07/26DDI RULE 2706/vinfo/cn/threat-encyclopedia/network/ddi-rule-2706
DDI RULE 2707 DLINK Command Injection Exploit - HTTP (Request) - Variant 2
HIGH
2018/07/26DDI RULE 2707/vinfo/cn/threat-encyclopedia/network/ddi-rule-2707
DDI RULE 2708 SENDOOREOF - UDP (Request)
HIGH
2018/07/26DDI RULE 2708/vinfo/cn/threat-encyclopedia/network/ddi-rule-2708
DDI RULE 2629 Possible WEBLOGIC T3 RCE Exploit - TCP (Request)
MEDIUM
2018/07/26DDI RULE 2629/vinfo/cn/threat-encyclopedia/network/ddi-rule-2629
DDI RULE 2626 CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request)
HIGH
2018/07/25DDI RULE 2626/vinfo/cn/threat-encyclopedia/network/ddi-rule-2626
DDI RULE 1245 APT - TROJAN TCP Request
HIGH
2018/07/24DDI RULE 1245/vinfo/cn/threat-encyclopedia/network/ddi-rule-1245
DDI RULE 1174 APT - MALEX - HTTP (Request)
HIGH
2018/07/24DDI RULE 1174/vinfo/cn/threat-encyclopedia/network/ddi-rule-1174
DDI RULE 1242 APT - XTREME - HTTP (Request)
HIGH
2018/07/24DDI RULE 1242/vinfo/cn/threat-encyclopedia/network/ddi-rule-1242
DDI RULE 1021 APT - Possible POISONIVY - TCP (Response) - Variant 2
MEDIUM
2018/07/24DDI RULE 1021/vinfo/cn/threat-encyclopedia/network/ddi-rule-1021
DDI RULE 2702 Host Discovery - UDP (Request)
LOW
2018/07/24DDI RULE 2702/vinfo/cn/threat-encyclopedia/network/ddi-rule-2702
DDI RULE 2701 Possible EMOTET - HTTP (Response) - Variant 3
HIGH
2018/07/18DDI RULE 2701/vinfo/cn/threat-encyclopedia/network/ddi-rule-2701
DDI RULE 2666 CVE-2017-7529 NGINX Integer Overflow Exploit Attempt HTTP (Request)
MEDIUM
2018/07/18DDI RULE 2666/vinfo/cn/threat-encyclopedia/network/ddi-rule-2666
DDI RULE 1885 Possible Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 1885/vinfo/cn/threat-encyclopedia/network/ddi-rule-1885
DDI RULE 2584 POSGERAT Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 2584/vinfo/cn/threat-encyclopedia/network/ddi-rule-2584
DDI RULE 2700 Possible WEBSHELL - HTTP (Request)
HIGH
2018/07/17DDI RULE 2700/vinfo/cn/threat-encyclopedia/network/ddi-rule-2700
DDI RULE 2699 CVE-2016-10134 - Zabbix SQL Injection - HTTP (Request)
MEDIUM
2018/07/17DDI RULE 2699/vinfo/cn/threat-encyclopedia/network/ddi-rule-2699
DDI RULE 1618 CVE-2014-6271 - Shellshock HTTP Request
HIGH
2018/07/16DDI RULE 1618/vinfo/cn/threat-encyclopedia/network/ddi-rule-1618
DDI RULE 1078 Possible TOR node certificate detected
MEDIUM
2018/07/11DDI RULE 1078/vinfo/cn/threat-encyclopedia/network/ddi-rule-1078
DDI RULE 2694 CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2694/vinfo/cn/threat-encyclopedia/network/ddi-rule-2694
DDI RULE 2695 CVE-2018-3606 TMCM SQL Injection Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2695/vinfo/cn/threat-encyclopedia/network/ddi-rule-2695
DDI RULE 2696 CVE-2018-0296 CISCO ASA Path Traversal Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2696/vinfo/cn/threat-encyclopedia/network/ddi-rule-2696
DDI RULE 2697 NUKESPED - TCP (Response) - Variant 2
MEDIUM
2018/07/11DDI RULE 2697/vinfo/cn/threat-encyclopedia/network/ddi-rule-2697
DDI RULE 2693 CVE-2015-5254 - ActiveMQ Deserialization Vulnerability
HIGH
2018/07/10DDI RULE 2693/vinfo/cn/threat-encyclopedia/network/ddi-rule-2693
DDI RULE 2692 LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/07/09DDI RULE 2692/vinfo/cn/threat-encyclopedia/network/ddi-rule-2692
DDI RULE 1886 Data Exfiltration - DNS (Response)
LOW
2018/07/03DDI RULE 1886/vinfo/cn/threat-encyclopedia/network/ddi-rule-1886
DDI RULE 2689 CVE-2016-4438 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/07/03DDI RULE 2689/vinfo/cn/threat-encyclopedia/network/ddi-rule-2689
DDI RULE 2349 Possible MIRAI - TCP (Request)
HIGH
2018/07/03DDI RULE 2349/vinfo/cn/threat-encyclopedia/network/ddi-rule-2349
DDI RULE 2507 Unauthorized TESTFR IEC-104 Request
HIGH
2018/06/28DDI RULE 2507/vinfo/cn/threat-encyclopedia/network/ddi-rule-2507
DDI RULE 2508 Unauthorized STARTDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2508/vinfo/cn/threat-encyclopedia/network/ddi-rule-2508
DDI RULE 2509 Unauthorized STOPDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2509/vinfo/cn/threat-encyclopedia/network/ddi-rule-2509
DDI RULE 2510 Non-IEC-104 Communication Request
HIGH
2018/06/28DDI RULE 2510/vinfo/cn/threat-encyclopedia/network/ddi-rule-2510
DDI RULE 2687 CVE-2018-7602 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/06/28DDI RULE 2687/vinfo/cn/threat-encyclopedia/network/ddi-rule-2687
DDI RULE 2685 Possible Host Discovery - ICMP (Response)
HIGH
2018/06/28DDI RULE 2685/vinfo/cn/threat-encyclopedia/network/ddi-rule-2685
DDI RULE 2686 Command Execution - SMB (Request)
HIGH
2018/06/26DDI RULE 2686/vinfo/cn/threat-encyclopedia/network/ddi-rule-2686
DDI RULE 2651 JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2651/vinfo/cn/threat-encyclopedia/network/ddi-rule-2651
DDI RULE 2680 Acunetix Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/26DDI RULE 2680/vinfo/cn/threat-encyclopedia/network/ddi-rule-2680
DDI RULE 2681 DirBuster - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2681/vinfo/cn/threat-encyclopedia/network/ddi-rule-2681
DDI RULE 2682 NMAP - HTTP (Request
MEDIUM
2018/06/26DDI RULE 2682/vinfo/cn/threat-encyclopedia/network/ddi-rule-2682
DDI RULE 2683 W3AF - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2683/vinfo/cn/threat-encyclopedia/network/ddi-rule-2683
DDI RULE 2684 GoLismero - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2684/vinfo/cn/threat-encyclopedia/network/ddi-rule-2684
DDI RULE 2674 Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/25DDI RULE 2674/vinfo/cn/threat-encyclopedia/network/ddi-rule-2674
DDI RULE 2675 Web Vulnerability Scanner - HTTP (Request) - Variant 2
HIGH
2018/06/25DDI RULE 2675/vinfo/cn/threat-encyclopedia/network/ddi-rule-2675
DDI RULE 2668 REGEORG - HTTP (Request)
HIGH
2018/06/25DDI RULE 2668/vinfo/cn/threat-encyclopedia/network/ddi-rule-2668
DDI RULE 2668 REGEORG - HTTP (Request)
HIGH
2018/06/25DDI RULE 2668/vinfo/cn/threat-encyclopedia/network/ddi-rule-2668
DDI RULE 2678 CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/06/25DDI RULE 2678/vinfo/cn/threat-encyclopedia/network/ddi-rule-2678
DDI RULE 2679 CVE-2016-3714 - ImageMagick Command Execution Exploit - HTTP (Request)
MEDIUM
2018/06/25DDI RULE 2679/vinfo/cn/threat-encyclopedia/network/ddi-rule-2679
DDI RULE 2669 APT - DARKHOTEL - HTTP (Request)
HIGH
2018/06/21DDI RULE 2669/vinfo/cn/threat-encyclopedia/network/ddi-rule-2669
DDI RULE 2669 APT - DARKHOTEL - HTTP (Request)
HIGH
2018/06/21DDI RULE 2669/vinfo/cn/threat-encyclopedia/network/ddi-rule-2669
DDI RULE 2670 Comprehensive Tool - TDS (Request)
HIGH
2018/06/21DDI RULE 2670/vinfo/cn/threat-encyclopedia/network/ddi-rule-2670
DDI RULE 2670 Comprehensive Tool - TDS (Request)
HIGH
2018/06/21DDI RULE 2670/vinfo/cn/threat-encyclopedia/network/ddi-rule-2670
DDI RULE 2671 Vulnerability Scanner - HTTP (Request) - Variant 3
HIGH
2018/06/21DDI RULE 2671/vinfo/cn/threat-encyclopedia/network/ddi-rule-2671
DDI RULE 2671 Vulnerability Scanner - HTTP (Request) - Variant 3
HIGH
2018/06/21DDI RULE 2671/vinfo/cn/threat-encyclopedia/network/ddi-rule-2671
DDI RULE 2673 Earthworm Port Forwarding - TCP (Request)
HIGH
2018/06/21DDI RULE 2673/vinfo/cn/threat-encyclopedia/network/ddi-rule-2673
DDI RULE 2673 Earthworm Port Forwarding - TCP (Request)
HIGH
2018/06/21DDI RULE 2673/vinfo/cn/threat-encyclopedia/network/ddi-rule-2673
DDI RULE 2664 CreateService - SMB (Request)
HIGH
2018/06/21DDI RULE 2664/vinfo/cn/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2664 CreateService - SMB (Request)
HIGH
2018/06/21DDI RULE 2664/vinfo/cn/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2665 SOFACY - HTTP (Request)
MEDIUM
2018/06/20DDI RULE 2665/vinfo/cn/threat-encyclopedia/network/ddi-rule-2665
DDI RULE 2667 CVE-2018-9995 Authentication Bypass Exploit - HTTP (Request)
HIGH
2018/06/20DDI RULE 2667/vinfo/cn/threat-encyclopedia/network/ddi-rule-2667
DDI RULE 2663 APT - EXFRAM - TCP (Request)
HIGH
2018/06/19DDI RULE 2663/vinfo/cn/threat-encyclopedia/network/ddi-rule-2663
DDI RULE 2386 C99 PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2386/vinfo/cn/threat-encyclopedia/network/ddi-rule-2386
DDI RULE 2387 DK PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2387/vinfo/cn/threat-encyclopedia/network/ddi-rule-2387
DDI RULE 2417 CVE-2017-7494 - Remote Code Execution - SMB (Request) - Variant 2
MEDIUM
2018/06/19DDI RULE 2417/vinfo/cn/threat-encyclopedia/network/ddi-rule-2417
DDI RULE 2658 Ghost WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2658/vinfo/cn/threat-encyclopedia/network/ddi-rule-2658
DDI RULE 2659 PHP WebShell - HTTP (Request) - Variant 2
MEDIUM
2018/06/18DDI RULE 2659/vinfo/cn/threat-encyclopedia/network/ddi-rule-2659
DDI RULE 2660 ASP WebShell - HTTP (Request)
HIGH
2018/06/18DDI RULE 2660/vinfo/cn/threat-encyclopedia/network/ddi-rule-2660
DDI RULE 2661 HYTOP2006 ASP WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2661/vinfo/cn/threat-encyclopedia/network/ddi-rule-2661
DDI RULE 2662 PHPSPY WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2662/vinfo/cn/threat-encyclopedia/network/ddi-rule-2662
DDI RULE 2655 Possible CVE-2017-9506 Atlassian OAth Proxy Exploit - HTTP (Request)
MEDIUM
2018/06/12DDI RULE 2655/vinfo/cn/threat-encyclopedia/network/ddi-rule-2655
DDI RULE 2656 CVE-2018-1418 - QRADAR Command Injection - HTTP (Request)
HIGH
2018/06/12DDI RULE 2656/vinfo/cn/threat-encyclopedia/network/ddi-rule-2656
DDI RULE 2602 RIG - Exploit Kit - HTTP (Request) - Variant 5
HIGH
2018/06/06DDI RULE 2602/vinfo/cn/threat-encyclopedia/network/ddi-rule-2602
DDI RULE 2653 PHOTOMINER - HTTP (Response)
HIGH
2018/06/05DDI RULE 2653/vinfo/cn/threat-encyclopedia/network/ddi-rule-2653
DDI RULE 2654 Powershell - SMB
MEDIUM
2018/06/05DDI RULE 2654/vinfo/cn/threat-encyclopedia/network/ddi-rule-2654
DDI RULE 2418 Suspicious file rename - SMB (Request)
HIGH
2018/06/05DDI RULE 2418/vinfo/cn/threat-encyclopedia/network/ddi-rule-2418
DDI RULE 2445 Suspicious file rename - SMB2 (Request)
HIGH
2018/06/05DDI RULE 2445/vinfo/cn/threat-encyclopedia/network/ddi-rule-2445
DDI RULE 2652 VPNFILTER - HTTP (Request)
HIGH
2018/06/04DDI RULE 2652/vinfo/cn/threat-encyclopedia/network/ddi-rule-2652
DDI RULE 2649 GRANDSOFT - Exploit Kit - HTTP(Request)
HIGH
2018/05/30DDI RULE 2649/vinfo/cn/threat-encyclopedia/network/ddi-rule-2649
DDI RULE 2650 ANDROM - HTTP (Response)
MEDIUM
2018/05/30DDI RULE 2650/vinfo/cn/threat-encyclopedia/network/ddi-rule-2650
DDI RULE 2624 POWERDNS - DNS (Response)
HIGH
2018/05/30DDI RULE 2624/vinfo/cn/threat-encyclopedia/network/ddi-rule-2624
DDI RULE 2648 CVE-2018-1000136 Electron Node Integration Exploit- HTTP (Request)
HIGH
2018/05/28DDI RULE 2648/vinfo/cn/threat-encyclopedia/network/ddi-rule-2648
DDI RULE 2645 CVE-2017-16598 Netgain SNMPWALK IP Directory Traversal Exploit HTTP - (Request)
HIGH
2018/05/21DDI RULE 2645/vinfo/cn/threat-encyclopedia/network/ddi-rule-2645
DDI RULE 2646 CVE-2018-1111 Remote Code Injection Exploit - DHCP (Response)
HIGH
2018/05/21DDI RULE 2646/vinfo/cn/threat-encyclopedia/network/ddi-rule-2646
DDI RULE 2641 CVE-2018-1308 Apache Solr Data Import Handler XML Exploit - HTTP (Request)
HIGH
2018/05/21DDI RULE 2641/vinfo/cn/threat-encyclopedia/network/ddi-rule-2641
DDI RULE 2644 Suspicious Access to a bit Domain - DNS (Response)
MEDIUM
2018/05/17DDI RULE 2644/vinfo/cn/threat-encyclopedia/network/ddi-rule-2644
DDI RULE 2642 NEGASTEAL - HTTP (Request)
HIGH
2018/05/16DDI RULE 2642/vinfo/cn/threat-encyclopedia/network/ddi-rule-2642
DDI RULE 2643 NECURS - SMB
HIGH
2018/05/16DDI RULE 2643/vinfo/cn/threat-encyclopedia/network/ddi-rule-2643
DDI RULE 2640 CVE-2018-5443 Advantech Webaccess SQL Injection - HTTP (Request)
HIGH
2018/05/15DDI RULE 2640/vinfo/cn/threat-encyclopedia/network/ddi-rule-2640
DDI RULE 2638 CVE-2018-7602 - Remote Code Execution - HTTP (Request)
HIGH
2018/05/15DDI RULE 2638/vinfo/cn/threat-encyclopedia/network/ddi-rule-2638
DDI RULE 2639 CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)
HIGH
2018/05/15DDI RULE 2639/vinfo/cn/threat-encyclopedia/network/ddi-rule-2639
DDI RULE 2637 CVE-2018-0171 Buffer Overflow - TCP (Request)
MEDIUM
2018/05/09DDI RULE 2637/vinfo/cn/threat-encyclopedia/network/ddi-rule-2637
DDI RULE 2625 UDPOS - DNS (Request)
HIGH
2018/05/09DDI RULE 2625/vinfo/cn/threat-encyclopedia/network/ddi-rule-2625
DDI RULE 2574 CVE-2017-16943 EXIM Remote Code Execution exploit - SMTP (Request)
MEDIUM
2018/05/08DDI RULE 2574/vinfo/cn/threat-encyclopedia/network/ddi-rule-2574
DDI RULE 2635 Abnormal x509v3 Subject Key Identifier extension - HTTPS (Response)
LOW
2018/05/07DDI RULE 2635/vinfo/cn/threat-encyclopedia/network/ddi-rule-2635
DDI RULE 2636 Executable File inside Certificate ? HTTPS (Response)
HIGH
2018/05/07DDI RULE 2636/vinfo/cn/threat-encyclopedia/network/ddi-rule-2636
DDI RULE 2526 NECURS - HTTP (Request) - Variant 2
HIGH
2018/05/07DDI RULE 2526/vinfo/cn/threat-encyclopedia/network/ddi-rule-2526
DDI RULE 2631 CVE-2018-9843 Rest API Remote Code Execution - HTTP (Request)
HIGH
2018/05/03DDI RULE 2631/vinfo/cn/threat-encyclopedia/network/ddi-rule-2631
DDI RULE 2632 GRAVITYRAT - HTTP (Request)
HIGH
2018/05/03DDI RULE 2632/vinfo/cn/threat-encyclopedia/network/ddi-rule-2632
DDI RULE 2633 JAKU - HTTP (Request)
HIGH
2018/05/03DDI RULE 2633/vinfo/cn/threat-encyclopedia/network/ddi-rule-2633
DDI RULE 2634 KWAMPIRS - HTTP (Request)
HIGH
2018/05/03DDI RULE 2634/vinfo/cn/threat-encyclopedia/network/ddi-rule-2634
DDI RULE 2630 HNAP1 Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/05/02DDI RULE 2630/vinfo/cn/threat-encyclopedia/network/ddi-rule-2630
DDI RULE 2604 CVE-2018-6389 WordPress Load-Scripts Exploit - HTTP (Request)
HIGH
2018/05/02DDI RULE 2604/vinfo/cn/threat-encyclopedia/network/ddi-rule-2604
DDI RULE 2609 HANCITOR - HTTP (Request) - Variant 3
HIGH
2018/05/02DDI RULE 2609/vinfo/cn/threat-encyclopedia/network/ddi-rule-2609
DDI RULE 2627 Possible EMPIRE - HTTP (Request)
HIGH
2018/04/24DDI RULE 2627/vinfo/cn/threat-encyclopedia/network/ddi-rule-2627
DDI RULE 2628 HNAP1 Buffer Overflow Exploit - HTTP (Request)
MEDIUM
2018/04/24DDI RULE 2628/vinfo/cn/threat-encyclopedia/network/ddi-rule-2628
DDI RULE 2600 CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request)
HIGH
2018/04/23DDI RULE 2600/vinfo/cn/threat-encyclopedia/network/ddi-rule-2600
DDI RULE 2623 Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/04/16DDI RULE 2623/vinfo/cn/threat-encyclopedia/network/ddi-rule-2623
DDI RULE 2621 Remote Code Execution - HTTP (Request)
HIGH
2018/04/10DDI RULE 2621/vinfo/cn/threat-encyclopedia/network/ddi-rule-2621
DDI RULE 2622 CVE-2013-4810 JBoss AS Marshalled Object Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/04/10DDI RULE 2622/vinfo/cn/threat-encyclopedia/network/ddi-rule-2622
DDI RULE 2605 UDPOS - HTTP (Request)
HIGH
2018/04/10DDI RULE 2605/vinfo/cn/threat-encyclopedia/network/ddi-rule-2605
DDI RULE 2619 CVE-2013-2618 Network Weathermap Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/04/04DDI RULE 2619/vinfo/cn/threat-encyclopedia/network/ddi-rule-2619
DDI RULE 2620 Suspicious Executable File Download - HTTP (Response)
HIGH
2018/04/04DDI RULE 2620/vinfo/cn/threat-encyclopedia/network/ddi-rule-2620
DDI RULE 2618 CVE-2018-0833 Denial of Sercice - SMB2 (Response)
HIGH
2018/04/03DDI RULE 2618/vinfo/cn/threat-encyclopedia/network/ddi-rule-2618
DDI RULE 2616 Suspicious CWS Flash - HTTP (Response)
MEDIUM
2018/03/28DDI RULE 2616/vinfo/cn/threat-encyclopedia/network/ddi-rule-2616
DDI RULE 2617 GANDCRAB - Ransomware - HTTP (Response)
HIGH
2018/03/28DDI RULE 2617/vinfo/cn/threat-encyclopedia/network/ddi-rule-2617
DDI RULE 2562 Signed Malware Certificate - SSL
MEDIUM
2018/03/28DDI RULE 2562/vinfo/cn/threat-encyclopedia/network/ddi-rule-2562
DDI RULE 2615 CVE-2017-12629 ApacheSolr XML RCE Exploit - HTTP (Request)
HIGH
2018/03/20DDI RULE 2615/vinfo/cn/threat-encyclopedia/network/ddi-rule-2615
DDI RULE 2610 Possible MEMCACHED Amplified DDOS Attempt - UDP (Request)
HIGH
2018/03/19DDI RULE 2610/vinfo/cn/threat-encyclopedia/network/ddi-rule-2610
DDI RULE 2611 CANNIBALRAT - HTTP (Request)
HIGH
2018/03/19DDI RULE 2611/vinfo/cn/threat-encyclopedia/network/ddi-rule-2611
DDI RULE 2612 NETWIRED - TCP (Request)
HIGH
2018/03/19DDI RULE 2612/vinfo/cn/threat-encyclopedia/network/ddi-rule-2612
DDI RULE 2613 POWERSHELL Download - HTTP (Request) - Variant 2
HIGH
2018/03/19DDI RULE 2613/vinfo/cn/threat-encyclopedia/network/ddi-rule-2613
DDI RULE 2608 EMOTET - HTTP (Response) - Variant 2
HIGH
2018/03/12DDI RULE 2608/vinfo/cn/threat-encyclopedia/network/ddi-rule-2608
DDI RULE 2607 NUKESPED - TCP (Response)
HIGH
2018/03/01DDI RULE 2607/vinfo/cn/threat-encyclopedia/network/ddi-rule-2607
DDI RULE 2593 CVE-2017-4933 VMWDynResolution Buffer Overflow Exploit - VNC (Request)
HIGH
2018/03/01DDI RULE 2593/vinfo/cn/threat-encyclopedia/network/ddi-rule-2593
DDI RULE 2606 HTA Download - HTTP (Request)
LOW
2018/02/26DDI RULE 2606/vinfo/cn/threat-encyclopedia/network/ddi-rule-2606
DDI RULE 2601 CVE-2017-12635 Apache CouchDB Escalation Privelage - HTTP (Request)
HIGH
2018/02/21DDI RULE 2601/vinfo/cn/threat-encyclopedia/network/ddi-rule-2601
DDI RULE 2603 CVE-2017-12636 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/02/21DDI RULE 2603/vinfo/cn/threat-encyclopedia/network/ddi-rule-2603
DDI RULE 2598 PsExec PETYA - Ransomware - SMB2
HIGH
2018/02/13DDI RULE 2598/vinfo/cn/threat-encyclopedia/network/ddi-rule-2598
DDI RULE 2599 CreateService BADRABBIT - Ransomware - SMB2
HIGH
2018/02/13DDI RULE 2599/vinfo/cn/threat-encyclopedia/network/ddi-rule-2599
DDI RULE 2527 CreateService BADRABBIT - Ransomware - SMB
HIGH
2018/02/13DDI RULE 2527/vinfo/cn/threat-encyclopedia/network/ddi-rule-2527
DDI RULE 2441 PsExec PETYA - Ransomware - SMB
HIGH
2018/02/13DDI RULE 2441/vinfo/cn/threat-encyclopedia/network/ddi-rule-2441
DDI RULE 2595 CROSSRAT - TCP (Request)
HIGH
2018/02/12DDI RULE 2595/vinfo/cn/threat-encyclopedia/network/ddi-rule-2595
DDI RULE 2596 SMOMINRU - HTTP (Request)
HIGH
2018/02/12DDI RULE 2596/vinfo/cn/threat-encyclopedia/network/ddi-rule-2596
DDI RULE 2597 GANDCRAB - Ransomware - HTTP (Request)
HIGH
2018/02/12DDI RULE 2597/vinfo/cn/threat-encyclopedia/network/ddi-rule-2597
DDI RULE 2592 PROTUX - HTTP (Request) - Variant 2
HIGH
2018/02/12DDI RULE 2592/vinfo/cn/threat-encyclopedia/network/ddi-rule-2592
DDI RULE 1854 SWITREX LOGIN Request
HIGH
2018/02/06DDI RULE 1854/vinfo/cn/threat-encyclopedia/network/ddi-rule-1854
DDI RULE 2591 KRBANKER - HTTP (Response)
HIGH
2018/01/30DDI RULE 2591/vinfo/cn/threat-encyclopedia/network/ddi-rule-2591
DDI RULE 26 C&C callback attempt
HIGH
2018/01/30DDI RULE 26/vinfo/cn/threat-encyclopedia/network/ddi-rule-26
DDI RULE 260 FAKEAV - HTTP (Request) - Variant 13
HIGH
2018/01/30DDI RULE 260/vinfo/cn/threat-encyclopedia/network/ddi-rule-260
DDI RULE 262 FAKEAV - HTTP (Request) - Variant 23
HIGH
2018/01/30DDI RULE 262/vinfo/cn/threat-encyclopedia/network/ddi-rule-262
DDI RULE 1771 RANSOM TCP Request - Class 2
HIGH
2018/01/25DDI RULE 1771/vinfo/cn/threat-encyclopedia/network/ddi-rule-1771
DDI RULE 2071 CERBER - Ransomware - UDP
HIGH
2018/01/25DDI RULE 2071/vinfo/cn/threat-encyclopedia/network/ddi-rule-2071
DDI RULE 2074 SURPRISE - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2074/vinfo/cn/threat-encyclopedia/network/ddi-rule-2074
DDI RULE 2077 CRYPNISCA - Ransomware - UDP
HIGH
2018/01/25DDI RULE 2077/vinfo/cn/threat-encyclopedia/network/ddi-rule-2077
DDI RULE 2148 JSRAA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2148/vinfo/cn/threat-encyclopedia/network/ddi-rule-2148
DDI RULE 2153 SATANA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2153/vinfo/cn/threat-encyclopedia/network/ddi-rule-2153
DDI RULE 1096 RANSOM - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 1096/vinfo/cn/threat-encyclopedia/network/ddi-rule-1096
DDI RULE 1097 RANSOM - HTTP (Request) - Variant 3
HIGH
2018/01/25DDI RULE 1097/vinfo/cn/threat-encyclopedia/network/ddi-rule-1097
DDI RULE 1213 RANSOM - HTTP (Request) - Variant 6
HIGH
2018/01/25DDI RULE 1213/vinfo/cn/threat-encyclopedia/network/ddi-rule-1213
DDI RULE 1172 RANSOM - HTTP (Request) - Variant 5
HIGH
2018/01/25DDI RULE 1172/vinfo/cn/threat-encyclopedia/network/ddi-rule-1172
DDI RULE 1164 RANSOM - HTTP (Request) - Variant 4
HIGH
2018/01/25DDI RULE 1164/vinfo/cn/threat-encyclopedia/network/ddi-rule-1164
DDI RULE 1295 RANSOM - HTTP (Request) - Variant 9
HIGH
2018/01/25DDI RULE 1295/vinfo/cn/threat-encyclopedia/network/ddi-rule-1295
DDI RULE 1302 RANSOM - HTTP (Request) - Variant 7
HIGH
2018/01/25DDI RULE 1302/vinfo/cn/threat-encyclopedia/network/ddi-rule-1302
DDI RULE 1614 RANSOM - HTTP (Request) - Variant 13
HIGH
2018/01/25DDI RULE 1614/vinfo/cn/threat-encyclopedia/network/ddi-rule-1614
DDI RULE 1500 RANSOM TCP Request - Class 1
HIGH
2018/01/25DDI RULE 1500/vinfo/cn/threat-encyclopedia/network/ddi-rule-1500
DDI RULE 2560 SAD - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2560/vinfo/cn/threat-encyclopedia/network/ddi-rule-2560
DDI RULE 2561 DYNAMER - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 2561/vinfo/cn/threat-encyclopedia/network/ddi-rule-2561
DDI RULE 2570 UBOATRAT - HTTP (Request)
HIGH
2018/01/25DDI RULE 2570/vinfo/cn/threat-encyclopedia/network/ddi-rule-2570
DDI RULE 2571 MAILSPLOIT - SMTP (Request)
HIGH
2018/01/25DDI RULE 2571/vinfo/cn/threat-encyclopedia/network/ddi-rule-2571
DDI RULE 2577 DIGMINE - HTTP (Request)
HIGH
2018/01/25DDI RULE 2577/vinfo/cn/threat-encyclopedia/network/ddi-rule-2577
DDI RULE 2578 CVE-2017-17215 - Remote Code Execution - HTTP (Request)
HIGH
2018/01/25DDI RULE 2578/vinfo/cn/threat-encyclopedia/network/ddi-rule-2578
DDI RULE 2579 MALPHISH - HTTP (Request) - Variant 2
HIGH
2018/01/25DDI RULE 2579/vinfo/cn/threat-encyclopedia/network/ddi-rule-2579
DDI RULE 258 FAKEAV - HTTP (Request) - Variant 8
HIGH
2018/01/25DDI RULE 258/vinfo/cn/threat-encyclopedia/network/ddi-rule-258
DDI RULE 2580 AGENT - HTTP (Request) - Variant 5
HIGH
2018/01/25DDI RULE 2580/vinfo/cn/threat-encyclopedia/network/ddi-rule-2580
DDI RULE 2581 BITMAN - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2581/vinfo/cn/threat-encyclopedia/network/ddi-rule-2581
DDI RULE 2550 DLINK Command Injection Exploit - HTTP (Request)
HIGH
2018/01/25DDI RULE 2550/vinfo/cn/threat-encyclopedia/network/ddi-rule-2550
DDI RULE 2554 ICEDID - HTTP (Request)
HIGH
2018/01/25DDI RULE 2554/vinfo/cn/threat-encyclopedia/network/ddi-rule-2554
DDI RULE 2555 TOXOCARA - HTTP (Request)
HIGH
2018/01/25DDI RULE 2555/vinfo/cn/threat-encyclopedia/network/ddi-rule-2555
DDI RULE 2556 TIGGRE - TCP (Request)
HIGH
2018/01/25DDI RULE 2556/vinfo/cn/threat-encyclopedia/network/ddi-rule-2556
DDI RULE 2557 VOLGMER - HTTP (Request)
HIGH
2018/01/25DDI RULE 2557/vinfo/cn/threat-encyclopedia/network/ddi-rule-2557
DDI RULE 2558 CVE-2017-11779 - DNSAPI NSEC3 Buffer Overflow Exploit - DNS (Response)
HIGH
2018/01/25DDI RULE 2558/vinfo/cn/threat-encyclopedia/network/ddi-rule-2558
DDI RULE 2344 SPORA - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2344/vinfo/cn/threat-encyclopedia/network/ddi-rule-2344
DDI RULE 2292 SPICYCRYPT - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2292/vinfo/cn/threat-encyclopedia/network/ddi-rule-2292
DDI RULE 2227 SKEEYAH - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2227/vinfo/cn/threat-encyclopedia/network/ddi-rule-2227
DDI RULE 2271 WILDFIRE - Ransomware - HTTP (Request)
HIGH
2018/01/25DDI RULE 2271/vinfo/cn/threat-encyclopedia/network/ddi-rule-2271
DDI RULE 2590 CVE-2017-6736 - Remote Code Execution Exploit - SNMP (Request)
MEDIUM
2018/01/24DDI RULE 2590/vinfo/cn/threat-encyclopedia/network/ddi-rule-2590
DDI RULE 2490 CVE-2017-9805 - ApacheStruts XStream RCE Exploit - HTTP (Request)
HIGH
2018/01/23DDI RULE 2490/vinfo/cn/threat-encyclopedia/network/ddi-rule-2490
DDI RULE 2348 CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)
MEDIUM
2018/01/22DDI RULE 2348/vinfo/cn/threat-encyclopedia/network/ddi-rule-2348
DDI RULE 2352 CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2
HIGH
2018/01/22DDI RULE 2352/vinfo/cn/threat-encyclopedia/network/ddi-rule-2352
DDI RULE 2588 CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/01/22DDI RULE 2588/vinfo/cn/threat-encyclopedia/network/ddi-rule-2588
DDI RULE 2589 LOKI - HTTP (Response)
HIGH
2018/01/18DDI RULE 2589/vinfo/cn/threat-encyclopedia/network/ddi-rule-2589
DDI RULE 1475 FAKEAV - HTTP (Request) - Variant 37
HIGH
2018/01/16DDI RULE 1475/vinfo/cn/threat-encyclopedia/network/ddi-rule-1475
DDI RULE 1476 FAKEAV - HTTP (Request) - Variant 38
HIGH
2018/01/16DDI RULE 1476/vinfo/cn/threat-encyclopedia/network/ddi-rule-1476
DDI RULE 1397 FAKEAV - HTTP (Request) - Variant 25
HIGH
2018/01/16DDI RULE 1397/vinfo/cn/threat-encyclopedia/network/ddi-rule-1397
DDI RULE 1250 FAKEAV - HTTP (Request) - Variant 35
HIGH
2018/01/16DDI RULE 1250/vinfo/cn/threat-encyclopedia/network/ddi-rule-1250
DDI RULE 2586 NECURS - HTTP (Request) - Variant 4
MEDIUM
2018/01/16DDI RULE 2586/vinfo/cn/threat-encyclopedia/network/ddi-rule-2586
DDI RULE 2587 SAGECRYPT - HTTP (Request)
MEDIUM
2018/01/16DDI RULE 2587/vinfo/cn/threat-encyclopedia/network/ddi-rule-2587
DDI RULE 2565 Data Exfiltration - ICMP (Request)
MEDIUM
2018/01/16DDI RULE 2565/vinfo/cn/threat-encyclopedia/network/ddi-rule-2565
DDI RULE 2585 Ratankba Downloader - HTTP (Response)
HIGH
2018/01/15DDI RULE 2585/vinfo/cn/threat-encyclopedia/network/ddi-rule-2585
DDI RULE 2583 Powershell script requested from root directory - HTTP (Request)
HIGH
2018/01/15DDI RULE 2583/vinfo/cn/threat-encyclopedia/network/ddi-rule-2583
DDI RULE 2582 CVE-2017-3248 - UnicastRef Insecure Deserialization
HIGH
2018/01/11DDI RULE 2582/vinfo/cn/threat-encyclopedia/network/ddi-rule-2582
DDI RULE 2345 RATANKBA - HTTP (Request)
HIGH
2018/01/11DDI RULE 2345/vinfo/cn/threat-encyclopedia/network/ddi-rule-2345
DDI RULE 2294 SUNDOWN - Exploit Kit - HTTP(Request)
HIGH
2018/01/09DDI RULE 2294/vinfo/cn/threat-encyclopedia/network/ddi-rule-2294
DDI RULE 2575 Command Injection via UPnP SOAP Interface - HTTP (Request)
LOW
2018/01/09DDI RULE 2575/vinfo/cn/threat-encyclopedia/network/ddi-rule-2575
DDI RULE 2576 Electroneum(ETN) Webminer Malvertisment - HTTP(Request)
HIGH
2018/01/04DDI RULE 2576/vinfo/cn/threat-encyclopedia/network/ddi-rule-2576
DDI RULE 1344 RANSOM - HTTP (Request) - Variant 10
HIGH
2018/01/03DDI RULE 1344/vinfo/cn/threat-encyclopedia/network/ddi-rule-1344
DDI RULE 1479 RANSOM - HTTP (Request) - Variant 11
HIGH
2018/01/03DDI RULE 1479/vinfo/cn/threat-encyclopedia/network/ddi-rule-1479
DDI RULE 1518 RANSOM - HTTP (Request) - Variant 12
HIGH
2018/01/03DDI RULE 1518/vinfo/cn/threat-encyclopedia/network/ddi-rule-1518
DDI RULE 2076 CRYPZUQUIT - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2076/vinfo/cn/threat-encyclopedia/network/ddi-rule-2076
DDI RULE 2117 DEMOCRY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2117/vinfo/cn/threat-encyclopedia/network/ddi-rule-2117
DDI RULE 2020 RANSOM LECTOOL HTTP Request
HIGH
2018/01/03DDI RULE 2020/vinfo/cn/threat-encyclopedia/network/ddi-rule-2020
DDI RULE 2028 LOCKY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2028/vinfo/cn/threat-encyclopedia/network/ddi-rule-2028
DDI RULE 2031 RANSOM HYDRA - HTTP (Request)
HIGH
2018/01/03DDI RULE 2031/vinfo/cn/threat-encyclopedia/network/ddi-rule-2031
DDI RULE 2166 PIZACRYP - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2166/vinfo/cn/threat-encyclopedia/network/ddi-rule-2166
DDI RULE 2284 HIDDENTEARHAPPY - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2284/vinfo/cn/threat-encyclopedia/network/ddi-rule-2284
DDI RULE 2305 EXMAS - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2305/vinfo/cn/threat-encyclopedia/network/ddi-rule-2305
DDI RULE 2278 KARMA - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2278/vinfo/cn/threat-encyclopedia/network/ddi-rule-2278
DDI RULE 2251 LOCKY - Ransomware - HTTP (Request) - Variant 4
HIGH
2018/01/03DDI RULE 2251/vinfo/cn/threat-encyclopedia/network/ddi-rule-2251
DDI RULE 2259 NUCLEAR - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2259/vinfo/cn/threat-encyclopedia/network/ddi-rule-2259
DDI RULE 2226 KAWAIILOCKER - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2226/vinfo/cn/threat-encyclopedia/network/ddi-rule-2226
DDI RULE 2373 MATRIX - Ransomware - HTTP (Request)
HIGH
2018/01/03DDI RULE 2373/vinfo/cn/threat-encyclopedia/network/ddi-rule-2373
DDI RULE 2375 MATRIX - Ransomware - HTTP (Response)
HIGH
2018/01/03DDI RULE 2375/vinfo/cn/threat-encyclopedia/network/ddi-rule-2375
DDI RULE 2563 Data Exfiltration - HTTP (Request)
HIGH
2017/12/28DDI RULE 2563/vinfo/cn/threat-encyclopedia/network/ddi-rule-2563
DDI RULE 2075 CRYPRADAM - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2075/vinfo/cn/threat-encyclopedia/network/ddi-rule-2075
DDI RULE 2061 CRYPWALL - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2061/vinfo/cn/threat-encyclopedia/network/ddi-rule-2061
DDI RULE 2119 CRIPTODC - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2119/vinfo/cn/threat-encyclopedia/network/ddi-rule-2119
DDI RULE 2120 BUCBI - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2120/vinfo/cn/threat-encyclopedia/network/ddi-rule-2120
DDI RULE 2096 CRYPAPLHA - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2096/vinfo/cn/threat-encyclopedia/network/ddi-rule-2096
DDI RULE 2093 CRYPVAULT - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2093/vinfo/cn/threat-encyclopedia/network/ddi-rule-2093
DDI RULE 2094 CRYPCORE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2094/vinfo/cn/threat-encyclopedia/network/ddi-rule-2094
DDI RULE 1860 CRYPTESLA - Ransomware - HTTP (Request) - Variant 3
HIGH
2017/12/21DDI RULE 1860/vinfo/cn/threat-encyclopedia/network/ddi-rule-1860
DDI RULE 2403 CRYPMOLE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2403/vinfo/cn/threat-encyclopedia/network/ddi-rule-2403
DDI RULE 2225 CRYPY - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2225/vinfo/cn/threat-encyclopedia/network/ddi-rule-2225
DDI RULE 2228 CRYPBEE - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2228/vinfo/cn/threat-encyclopedia/network/ddi-rule-2228
DDI RULE 2229 BARTZ - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2229/vinfo/cn/threat-encyclopedia/network/ddi-rule-2229
DDI RULE 2217 CRYPHYDRA - Ransomware - HTTP (Request) - Variant 2
HIGH
2017/12/21DDI RULE 2217/vinfo/cn/threat-encyclopedia/network/ddi-rule-2217
DDI RULE 2337 CRYPSHIELD - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2337/vinfo/cn/threat-encyclopedia/network/ddi-rule-2337
DDI RULE 2338 CERBER - Ransomware - HTTP (Request)
HIGH
2017/12/21DDI RULE 2338/vinfo/cn/threat-encyclopedia/network/ddi-rule-2338
DDI RULE 1289 MINER - HTTP (Request)
HIGH
2017/12/20DDI RULE 1289/vinfo/cn/threat-encyclopedia/network/ddi-rule-1289
DDI RULE 2572 HTA PowerShell Empire - HTTP (Request) - Variant 2
HIGH
2017/12/20DDI RULE 2572/vinfo/cn/threat-encyclopedia/network/ddi-rule-2572
DDI RULE 2573 MINER - TCP (Request)
MEDIUM
2017/12/20DDI RULE 2573/vinfo/cn/threat-encyclopedia/network/ddi-rule-2573
DDI RULE 2365 File renamed - SOREBRECT - Ransomware - SMB (Request)
HIGH
2017/12/19DDI RULE 2365/vinfo/cn/threat-encyclopedia/network/ddi-rule-2365
DDI RULE 2409 File renamed - LOCKY - Ransomware - SMB (Request)
HIGH
2017/12/19DDI RULE 2409/vinfo/cn/threat-encyclopedia/network/ddi-rule-2409
DDI RULE 241 Incorrect Content-Type value in header - HTTP (Response) - Variant 2
MEDIUM
2017/12/19DDI RULE 241/vinfo/cn/threat-encyclopedia/network/ddi-rule-241
DDI RULE 2410 File renamed - CRYSIS - Ransomware - SMB (Request)
HIGH
2017/12/19DDI RULE 2410/vinfo/cn/threat-encyclopedia/network/ddi-rule-2410
DDI RULE 2411 File renamed - WCRY - Ransomware - SMB (Request)
HIGH
2017/12/19DDI RULE 2411/vinfo/cn/threat-encyclopedia/network/ddi-rule-2411
DDI RULE 2261 GAFGYT - HTTP (Request)
HIGH
2017/12/18DDI RULE 2261/vinfo/cn/threat-encyclopedia/network/ddi-rule-2261
DDI RULE 153 Possible DOWNAD - Encrypted connection - TCP
LOW
2017/12/13DDI RULE 153/vinfo/cn/threat-encyclopedia/network/ddi-rule-153
DDI RULE 2568 COBALTSTRIKE - DNS (Response)
HIGH
2017/12/13DDI RULE 2568/vinfo/cn/threat-encyclopedia/network/ddi-rule-2568
DDI RULE 2569 TOXOCARA - DNS (Response)
HIGH
2017/12/13DDI RULE 2569/vinfo/cn/threat-encyclopedia/network/ddi-rule-2569
DDI RULE 2566 Data Exfiltration - DNS (Request)
HIGH
2017/12/07DDI RULE 2566/vinfo/cn/threat-encyclopedia/network/ddi-rule-2566
DDI RULE 2567 Data Exfiltration - UDP (Request)
HIGH
2017/12/07DDI RULE 2567/vinfo/cn/threat-encyclopedia/network/ddi-rule-2567
DDI RULE 2564 Data Exfiltration - TCP (Request)
HIGH
2017/12/07DDI RULE 2564/vinfo/cn/threat-encyclopedia/network/ddi-rule-2564
DDI RULE 2423 FATALISTICZ - HTTP
HIGH
2017/12/06DDI RULE 2423/vinfo/cn/threat-encyclopedia/network/ddi-rule-2423
DDI RULE 2516 Coinhive JavaScript Miner - HTTPS (Request)
LOW
2017/12/04DDI RULE 2516/vinfo/cn/threat-encyclopedia/network/ddi-rule-2516
DDI RULE 2559 CVE-2017-12149 - JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)
MEDIUM
2017/12/04DDI RULE 2559/vinfo/cn/threat-encyclopedia/network/ddi-rule-2559
DDI RULE 2552 Possible Brute force - Telnet (Response)
MEDIUM
2017/11/23DDI RULE 2552/vinfo/cn/threat-encyclopedia/network/ddi-rule-2552
DDI RULE 38 Multiple unsuccessful logon attempts
LOW
2017/11/23DDI RULE 38/vinfo/cn/threat-encyclopedia/network/ddi-rule-38
DDI RULE 386 UTOTI - HTTP (Request)
HIGH
2017/11/23DDI RULE 386/vinfo/cn/threat-encyclopedia/network/ddi-rule-386
DDI RULE 39 Host DNS query to a non-trusted DNS server
MEDIUM
2017/11/23DDI RULE 39/vinfo/cn/threat-encyclopedia/network/ddi-rule-39
DDI RULE 1034 KOOBFACE - HTTP (Request)
HIGH
2017/11/22DDI RULE 1034/vinfo/cn/threat-encyclopedia/network/ddi-rule-1034
DDI RULE 2551 TRUEBOT - HTTP (Request)
HIGH
2017/11/20DDI RULE 2551/vinfo/cn/threat-encyclopedia/network/ddi-rule-2551
DDI RULE 1539 Windows Remote Management Service Detected - HTTP (Request)
MEDIUM
2017/11/15DDI RULE 1539/vinfo/cn/threat-encyclopedia/network/ddi-rule-1539
DDI RULE 2537 Powershell Remote Command Execution Via WinRM - HTTP(Request)
HIGH
2017/11/15DDI RULE 2537/vinfo/cn/threat-encyclopedia/network/ddi-rule-2537
DDI RULE 2548 LINKSYS Remote Code Execution - HTTP (Request)
HIGH
2017/11/14DDI RULE 2548/vinfo/cn/threat-encyclopedia/network/ddi-rule-2548
DDI RULE 2549 Possible LINKSYS Remote Code Execution - HTTP (Request)
HIGH
2017/11/14DDI RULE 2549/vinfo/cn/threat-encyclopedia/network/ddi-rule-2549
DDI RULE 2543 VACRON Remote Code Execution Exploit- HTTP (Request)
HIGH
2017/11/09DDI RULE 2543/vinfo/cn/threat-encyclopedia/network/ddi-rule-2543
DDI RULE 2544 JAWS Remote Code Execution Exploit - HTTP (Request)
HIGH
2017/11/09DDI RULE 2544/vinfo/cn/threat-encyclopedia/network/ddi-rule-2544
DDI RULE 2546 DLINK Directory Traversal Exploit - HTTP (Request)
HIGH
2017/11/09DDI RULE 2546/vinfo/cn/threat-encyclopedia/network/ddi-rule-2546
DDI RULE 2547 NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request)
HIGH
2017/11/09DDI RULE 2547/vinfo/cn/threat-encyclopedia/network/ddi-rule-2547
DDI RULE 2539 AVTECH Authentication ByPass Exploit- HTTP (Request)
HIGH
2017/11/09DDI RULE 2539/vinfo/cn/threat-encyclopedia/network/ddi-rule-2539
DDI RULE 2540 REAPER - HTTP (Request)
HIGH
2017/11/07DDI RULE 2540/vinfo/cn/threat-encyclopedia/network/ddi-rule-2540
DDI RULE 2541 REAPER - HTTP (Request) - Variant 2
HIGH
2017/11/07DDI RULE 2541/vinfo/cn/threat-encyclopedia/network/ddi-rule-2541
DDI RULE 2542 MINER - HTTP (Response)
HIGH
2017/11/07DDI RULE 2542/vinfo/cn/threat-encyclopedia/network/ddi-rule-2542
DDI RULE 2538 APT - WIPBOT - HTTP (Request)
HIGH
2017/11/07DDI RULE 2538/vinfo/cn/threat-encyclopedia/network/ddi-rule-2538
DDI RULE 1760 Possible UPATRE - HTTP (Request)
MEDIUM
2017/11/02DDI RULE 1760/vinfo/cn/threat-encyclopedia/network/ddi-rule-1760
DDI RULE 2063 CHOPPER - HTTP (Request)
HIGH
2017/11/02DDI RULE 2063/vinfo/cn/threat-encyclopedia/network/ddi-rule-2063
DDI RULE 2529 APT - TURLA - HTTP (Request)
HIGH
2017/10/30DDI RULE 2529/vinfo/cn/threat-encyclopedia/network/ddi-rule-2529
DDI RULE 253 RUSTOCK - HTTP (Request) - Variant 2
HIGH
2017/10/30DDI RULE 253/vinfo/cn/threat-encyclopedia/network/ddi-rule-253
DDI RULE 2533 EDA2ANUBIS - HTTP (Request)
HIGH
2017/10/30DDI RULE 2533/vinfo/cn/threat-encyclopedia/network/ddi-rule-2533
DDI RULE 2534 INSOMNIA - HTTP
HIGH
2017/10/30DDI RULE 2534/vinfo/cn/threat-encyclopedia/network/ddi-rule-2534
DDI RULE 2535 WEBACOO - HTTP
HIGH
2017/10/30DDI RULE 2535/vinfo/cn/threat-encyclopedia/network/ddi-rule-2535
DDI RULE 2536 Netgear ReadyNAS RCE Exploit - HTTP (Request)
HIGH
2017/10/30DDI RULE 2536/vinfo/cn/threat-encyclopedia/network/ddi-rule-2536
DDI RULE 2128 HANCITOR - HTTP (Request)
HIGH
2017/10/27DDI RULE 2128/vinfo/cn/threat-encyclopedia/network/ddi-rule-2128
DDI RULE 2528 MS17-010 - Remote Code Execution - SMB (Request) - Variant 2
HIGH
2017/10/26DDI RULE 2528/vinfo/cn/threat-encyclopedia/network/ddi-rule-2528
DDI RULE 2461 APT - DAPTER - HTTP (Request)
HIGH
2017/10/25DDI RULE 2461/vinfo/cn/threat-encyclopedia/network/ddi-rule-2461
DDI RULE 2207 Possible DLOADER - HTTP (Request) - Variant 6
MEDIUM
2017/10/24DDI RULE 2207/vinfo/cn/threat-encyclopedia/network/ddi-rule-2207
DDI RULE 2354 EXPLOYT - HTTP (Request) - Variant 5
HIGH
2017/10/24DDI RULE 2354/vinfo/cn/threat-encyclopedia/network/ddi-rule-2354
DDI RULE 2525 SAGE - Ransomware - HTTP (Request)
HIGH
2017/10/24DDI RULE 2525/vinfo/cn/threat-encyclopedia/network/ddi-rule-2525
DDI RULE 1183 ZBOT - DNS (Request)
MEDIUM
2017/10/19DDI RULE 1183/vinfo/cn/threat-encyclopedia/network/ddi-rule-1183
DDI RULE 2521 Possible HANCITOR - HTTP (Request) - Variant 2
LOW
2017/10/19DDI RULE 2521/vinfo/cn/threat-encyclopedia/network/ddi-rule-2521
DDI RULE 2522 DEDEX - HTTP (Request)
HIGH
2017/10/19DDI RULE 2522/vinfo/cn/threat-encyclopedia/network/ddi-rule-2522
DDI RULE 2523 DASERF - HTTP (Request) - Variant 2
HIGH
2017/10/19DDI RULE 2523/vinfo/cn/threat-encyclopedia/network/ddi-rule-2523
DDI RULE 2524 GOFARER - HTTP (Request)
HIGH
2017/10/19DDI RULE 2524/vinfo/cn/threat-encyclopedia/network/ddi-rule-2524
DDI RULE 2335 PRAPDUKAT - TCP
HIGH
2017/10/18DDI RULE 2335/vinfo/cn/threat-encyclopedia/network/ddi-rule-2335
DDI RULE 1543 Possible CRILOCK DNS Response
HIGH
2017/10/17DDI RULE 1543/vinfo/cn/threat-encyclopedia/network/ddi-rule-1543
DDI RULE 2161 CYPHERKEY - HTTP (Request)
HIGH
2017/10/17DDI RULE 2161/vinfo/cn/threat-encyclopedia/network/ddi-rule-2161
DDI RULE 2162 GOOPIC - HTTP (Request)
HIGH
2017/10/17DDI RULE 2162/vinfo/cn/threat-encyclopedia/network/ddi-rule-2162
DDI RULE 2163 CRYPSHOCKER - HTTP (Request)
HIGH
2017/10/17DDI RULE 2163/vinfo/cn/threat-encyclopedia/network/ddi-rule-2163
DDI RULE 2103 ENIGMA - Ransomware - HTTP (Request)
HIGH
2017/10/17DDI RULE 2103/vinfo/cn/threat-encyclopedia/network/ddi-rule-2103
DDI RULE 2106 AUTOLOCKY - Ransomware - HTTP (Request)
HIGH
2017/10/17DDI RULE 2106/vinfo/cn/threat-encyclopedia/network/ddi-rule-2106
DDI RULE 2112 MADLOCKER - Ransomware - HTTP (Request)
HIGH
2017/10/17DDI RULE 2112/vinfo/cn/threat-encyclopedia/network/ddi-rule-2112
DDI RULE 2032 CRYPTESLA - Ransomware - HTTP (Request) - Variant 4
HIGH
2017/10/17DDI RULE 2032/vinfo/cn/threat-encyclopedia/network/ddi-rule-2032
DDI RULE 2034 RANSOM CRYPTESLA - HTTP (Request) - Variant 5
HIGH
2017/10/17DDI RULE 2034/vinfo/cn/threat-encyclopedia/network/ddi-rule-2034
DDI RULE 2165 CRYPMIC - Ransomware - TCP
HIGH
2017/10/17DDI RULE 2165/vinfo/cn/threat-encyclopedia/network/ddi-rule-2165
DDI RULE 2296 CHIP - Ransomware - HTTP (Response)
HIGH
2017/10/17DDI RULE 2296/vinfo/cn/threat-encyclopedia/network/ddi-rule-2296
DDI RULE 2267 JACKPOT - Ransomware - HTTP (Request)
HIGH
2017/10/17DDI RULE 2267/vinfo/cn/threat-encyclopedia/network/ddi-rule-2267
DDI RULE 2376 HIDDENTEARZORRO - Ransomware - TCP
HIGH
2017/10/17DDI RULE 2376/vinfo/cn/threat-encyclopedia/network/ddi-rule-2376
DDI RULE 2520 MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4
HIGH
2017/10/16DDI RULE 2520/vinfo/cn/threat-encyclopedia/network/ddi-rule-2520
DDI RULE 98 Unidentified protocol using standard service port
HIGH
2017/10/16DDI RULE 98/vinfo/cn/threat-encyclopedia/network/ddi-rule-98
DDI RULE 1263 VIRUT - HTTP (Request)
HIGH
2017/10/12DDI RULE 1263/vinfo/cn/threat-encyclopedia/network/ddi-rule-1263
DDI RULE 2519 DLINK DIR8xx leak credentials exploit - HTTP (Request)
HIGH
2017/10/12DDI RULE 2519/vinfo/cn/threat-encyclopedia/network/ddi-rule-2519
DDI RULE 2196 BUTERAT - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2196/vinfo/cn/threat-encyclopedia/network/ddi-rule-2196
DDI RULE 2025 NEMUCOD - HTTP (Request) - Variant 6
HIGH
2017/10/11DDI RULE 2025/vinfo/cn/threat-encyclopedia/network/ddi-rule-2025
DDI RULE 2062 NEMUCOD - HTTP (Request) - Variant 7
HIGH
2017/10/11DDI RULE 2062/vinfo/cn/threat-encyclopedia/network/ddi-rule-2062
DDI RULE 2051 NEMUCOD - HTTP (Request) - Variant 5
HIGH
2017/10/11DDI RULE 2051/vinfo/cn/threat-encyclopedia/network/ddi-rule-2051
DDI RULE 2083 CRYPAURA - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2083/vinfo/cn/threat-encyclopedia/network/ddi-rule-2083
DDI RULE 2118 CRYDAP - Ransomware - HTTP (Request) - Variant 2
HIGH
2017/10/11DDI RULE 2118/vinfo/cn/threat-encyclopedia/network/ddi-rule-2118
DDI RULE 2097 EMPER - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2097/vinfo/cn/threat-encyclopedia/network/ddi-rule-2097
DDI RULE 2164 BART - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2164/vinfo/cn/threat-encyclopedia/network/ddi-rule-2164
DDI RULE 2123 ZCRYPT - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2123/vinfo/cn/threat-encyclopedia/network/ddi-rule-2123
DDI RULE 2126 SNSLOCK - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2126/vinfo/cn/threat-encyclopedia/network/ddi-rule-2126
DDI RULE 2138 BADBLOCK - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2138/vinfo/cn/threat-encyclopedia/network/ddi-rule-2138
DDI RULE 2140 CRYPSHED - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2140/vinfo/cn/threat-encyclopedia/network/ddi-rule-2140
DDI RULE 1821 NEMUCOD HTTP Request
HIGH
2017/10/11DDI RULE 1821/vinfo/cn/threat-encyclopedia/network/ddi-rule-1821
DDI RULE 1874 NEMUCOD - HTTP (Request) - Variant 2
HIGH
2017/10/11DDI RULE 1874/vinfo/cn/threat-encyclopedia/network/ddi-rule-1874
DDI RULE 2518 CVE-2017-14496 - DNSMASQ Integer Underflow Exploit - DNS (Request)
HIGH
2017/10/11DDI RULE 2518/vinfo/cn/threat-encyclopedia/network/ddi-rule-2518
DDI RULE 2489 APT - KOADIC - HTTP (Request)
HIGH
2017/10/11DDI RULE 2489/vinfo/cn/threat-encyclopedia/network/ddi-rule-2489
DDI RULE 2206 CRYPSALAM - Ransomware - HTTP (Request) - Variant 2
HIGH
2017/10/11DDI RULE 2206/vinfo/cn/threat-encyclopedia/network/ddi-rule-2206
DDI RULE 2218 POGOTEAR - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2218/vinfo/cn/threat-encyclopedia/network/ddi-rule-2218
DDI RULE 2215 JAGER - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2215/vinfo/cn/threat-encyclopedia/network/ddi-rule-2215
DDI RULE 2216 TELANATEAR - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2216/vinfo/cn/threat-encyclopedia/network/ddi-rule-2216
DDI RULE 2233 MILICRY - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2233/vinfo/cn/threat-encyclopedia/network/ddi-rule-2233
DDI RULE 2235 FANTOMCRYPT - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2235/vinfo/cn/threat-encyclopedia/network/ddi-rule-2235
DDI RULE 2236 SERPICO - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2236/vinfo/cn/threat-encyclopedia/network/ddi-rule-2236
DDI RULE 2316 BRAINCRYPT - Ransomware - HTTP(Request)
HIGH
2017/10/11DDI RULE 2316/vinfo/cn/threat-encyclopedia/network/ddi-rule-2316
DDI RULE 2317 POPCORNTYM - Ransomware - HTTP(Request)
HIGH
2017/10/11DDI RULE 2317/vinfo/cn/threat-encyclopedia/network/ddi-rule-2317
DDI RULE 2318 CRYPBLOCK - Ransomware - HTTP(Request)
HIGH
2017/10/11DDI RULE 2318/vinfo/cn/threat-encyclopedia/network/ddi-rule-2318
DDI RULE 2319 EDA2RUNSOME - Ransomware - HTTP(Request)
HIGH
2017/10/11DDI RULE 2319/vinfo/cn/threat-encyclopedia/network/ddi-rule-2319
DDI RULE 2291 NEMUCOD - HTTP (Request) - Variant 8
HIGH
2017/10/11DDI RULE 2291/vinfo/cn/threat-encyclopedia/network/ddi-rule-2291
DDI RULE 2322 JOKEMARS - Ransomware - HTTP (Request)
HIGH
2017/10/11DDI RULE 2322/vinfo/cn/threat-encyclopedia/network/ddi-rule-2322
DDI RULE 2506 SSV-93588 - DiscuszX File Operation Exploit - HTTP (Request)
HIGH
2017/10/10DDI RULE 2506/vinfo/cn/threat-encyclopedia/network/ddi-rule-2506
DDI RULE 2517 CVE-2017-14493 - DNSMASQ Buffer Overflow Exploit - DHCP (Request)
HIGH
2017/10/10DDI RULE 2517/vinfo/cn/threat-encyclopedia/network/ddi-rule-2517
DDI RULE 2504 CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response)
HIGH
2017/10/09DDI RULE 2504/vinfo/cn/threat-encyclopedia/network/ddi-rule-2504
DDI RULE 1877 ANGLER - Exploit Kit - HTTP(Request) - Variant 3
HIGH
2017/10/03DDI RULE 1877/vinfo/cn/threat-encyclopedia/network/ddi-rule-1877
DDI RULE 2124 XORBAT - Ransomware - HTTP (Request)
HIGH
2017/10/03DDI RULE 2124/vinfo/cn/threat-encyclopedia/network/ddi-rule-2124
DDI RULE 2086 WALTRIX - Ransomware - TCP
HIGH
2017/10/03DDI RULE 2086/vinfo/cn/threat-encyclopedia/network/ddi-rule-2086
DDI RULE 2122 CRILOCK - Ransomware - HTTP (Request)
HIGH
2017/10/03DDI RULE 2122/vinfo/cn/threat-encyclopedia/network/ddi-rule-2122
DDI RULE 2081 CRYPTEAR - Ransomware - HTTP (Request)
HIGH
2017/10/03DDI RULE 2081/vinfo/cn/threat-encyclopedia/network/ddi-rule-2081
DDI RULE 2082 COVERTON - Ransomware - HTTP (Request)
HIGH
2017/10/03DDI RULE 2082/vinfo/cn/threat-encyclopedia/network/ddi-rule-2082
DDI RULE 2046 VAWTRAK - HTTP (Request) - Variant 7
HIGH
2017/10/03DDI RULE 2046/vinfo/cn/threat-encyclopedia/network/ddi-rule-2046
DDI RULE 2057 CRYDAP - Ransomware - HTTP (Request)
HIGH
2017/10/03DDI RULE 2057/vinfo/cn/threat-encyclopedia/network/ddi-rule-2057
DDI RULE 2058 CVE-2016-0128 - Windows Downgrade Vulnerability - DCE-RPC
HIGH
2017/10/03DDI RULE 2058/vinfo/cn/threat-encyclopedia/network/ddi-rule-2058
DDI RULE 2059 CVE-2016-0128 - Unencrypted Authentication Level - SAMR (Request)
LOW
2017/10/03DDI RULE 2059/vinfo/cn/threat-encyclopedia/network/ddi-rule-2059
DDI RULE 2513 TERROR - Exploit Kit - HTTP(Request)
HIGH
2017/10/03DDI RULE 2513/vinfo/cn/threat-encyclopedia/network/ddi-rule-2513
DDI RULE 2514 TERROR - Exploit Kit - HTTP(Response)
HIGH
2017/10/03DDI RULE 2514/vinfo/cn/threat-encyclopedia/network/ddi-rule-2514
DDI RULE 940 APT - WATERBEAR - TCP (Request)
HIGH
2017/10/03DDI RULE 940/vinfo/cn/threat-encyclopedia/network/ddi-rule-940
DDI RULE 2505 Linux Reverse Shell - TCP (Response)
HIGH
2017/10/02DDI RULE 2505/vinfo/cn/threat-encyclopedia/network/ddi-rule-2505
DDI RULE 2452 Wget Commandline Injection
MEDIUM
2017/10/02DDI RULE 2452/vinfo/cn/threat-encyclopedia/network/ddi-rule-2452
DDI RULE 2503 SCRIPT DOWNLOADER - HTTP (Request)
HIGH
2017/09/28DDI RULE 2503/vinfo/cn/threat-encyclopedia/network/ddi-rule-2503
DDI RULE 2499 CVE-2016-10174 - NETGEAR Remote Code Execution - HTTP (Request)
HIGH
2017/09/27DDI RULE 2499/vinfo/cn/threat-encyclopedia/network/ddi-rule-2499
DDI RULE 25 Host DNS IAXFR/IXFR request from a non-trusted source
LOW
2017/09/27DDI RULE 25/vinfo/cn/threat-encyclopedia/network/ddi-rule-25
DDI RULE 2500 Executable Image Download - HTTP (Response)
MEDIUM
2017/09/26DDI RULE 2500/vinfo/cn/threat-encyclopedia/network/ddi-rule-2500
DDI RULE 2501 APT - RETADUP - HTTP (Request)
HIGH
2017/09/26DDI RULE 2501/vinfo/cn/threat-encyclopedia/network/ddi-rule-2501
DDI RULE 2502 CVE-2017-5689 - Intel AMT Digest Authentication Bypass exploit - HTTP (Request)
HIGH
2017/09/26DDI RULE 2502/vinfo/cn/threat-encyclopedia/network/ddi-rule-2502
DDI RULE 2497 CCHACK - DNS (Response)
HIGH
2017/09/26DDI RULE 2497/vinfo/cn/threat-encyclopedia/network/ddi-rule-2497
DDI RULE 2498 CVE-2017-12615 - APACHE TOMCAT Remote Code Execution via JSP Upload - HTTP (Request)
HIGH
2017/09/26DDI RULE 2498/vinfo/cn/threat-encyclopedia/network/ddi-rule-2498
DDI RULE 2495 APOLLO - Ransomware - HTTP (Request)
HIGH
2017/09/21DDI RULE 2495/vinfo/cn/threat-encyclopedia/network/ddi-rule-2495
DDI RULE 2496 APT - LAGEMER - HTTP (Request)
HIGH
2017/09/21DDI RULE 2496/vinfo/cn/threat-encyclopedia/network/ddi-rule-2496
DDI RULE 2481 DOWNLOADER - HTTP (Response)
HIGH
2017/09/19DDI RULE 2481/vinfo/cn/threat-encyclopedia/network/ddi-rule-2481
DDI RULE 2493 CVE-2017-8759 - SOAP WSDL Command Injection Exploit- HTTP (Request)
HIGH
2017/09/19DDI RULE 2493/vinfo/cn/threat-encyclopedia/network/ddi-rule-2493
DDI RULE 2492 KARAGANY - HTTP (Request)
HIGH
2017/09/18DDI RULE 2492/vinfo/cn/threat-encyclopedia/network/ddi-rule-2492
DDI RULE 2197 Possible DLOADER - HTTP (Request) - Variant 4
MEDIUM
2017/09/14DDI RULE 2197/vinfo/cn/threat-encyclopedia/network/ddi-rule-2197
DDI RULE 1434 Remote PHP-CGI Command Execution - HTTP (Request)
HIGH
2017/09/14DDI RULE 1434/vinfo/cn/threat-encyclopedia/network/ddi-rule-1434
DDI RULE 2479 INFOSTEAL - HTTP (Request) - Variant 3
HIGH
2017/09/11DDI RULE 2479/vinfo/cn/threat-encyclopedia/network/ddi-rule-2479
DDI RULE 2486 DOWNLOADER - HTTP (Request) - Variant 2
HIGH
2017/09/11DDI RULE 2486/vinfo/cn/threat-encyclopedia/network/ddi-rule-2486
DDI RULE 2460 RIG - Exploit Kit - HTTP(Request) - Variant 4
HIGH
2017/09/11DDI RULE 2460/vinfo/cn/threat-encyclopedia/network/ddi-rule-2460
DDI RULE 2491 CVE-2017-12611 - APACHE STRUTS EXPLOIT - HTTP (Request)
HIGH
2017/09/08DDI RULE 2491/vinfo/cn/threat-encyclopedia/network/ddi-rule-2491
DDI RULE 918 APT - ESILE - HTTP (Request)
HIGH
2017/09/07DDI RULE 918/vinfo/cn/threat-encyclopedia/network/ddi-rule-918
DDI RULE 2487 ELKNOT - TCP
HIGH
2017/09/06DDI RULE 2487/vinfo/cn/threat-encyclopedia/network/ddi-rule-2487
DDI RULE 2488 STRIKED - Ransomware - HTTP (Request)
HIGH
2017/09/06DDI RULE 2488/vinfo/cn/threat-encyclopedia/network/ddi-rule-2488
DDI RULE 2414 CVE-2017-5689 - Authentication bypass - HTTP(Request)
HIGH
2017/09/06DDI RULE 2414/vinfo/cn/threat-encyclopedia/network/ddi-rule-2414
DDI RULE 2392 IP Camera Remote Code Execution - HTTP (Request)
HIGH
2017/09/06DDI RULE 2392/vinfo/cn/threat-encyclopedia/network/ddi-rule-2392
DDI RULE 2329 Metasploit(Payload) - Reverse RUBY TCP Response
HIGH
2017/09/06DDI RULE 2329/vinfo/cn/threat-encyclopedia/network/ddi-rule-2329
DDI RULE 2356 Bleeding Life - Exploit Kit - HTTP (Request)
MEDIUM
2017/09/06DDI RULE 2356/vinfo/cn/threat-encyclopedia/network/ddi-rule-2356
DDI RULE 2353 S2-046 - APACHE STRUTS EXPLOIT - HTTP (Request)
HIGH
2017/09/06DDI RULE 2353/vinfo/cn/threat-encyclopedia/network/ddi-rule-2353
DDI RULE 2254 Metasploit(Payload) - Reverse Lua TCP
HIGH
2017/09/06DDI RULE 2254/vinfo/cn/threat-encyclopedia/network/ddi-rule-2254
DDI RULE 2255 Metasploit(Payload) - Reverse BASH TCP
HIGH
2017/09/06DDI RULE 2255/vinfo/cn/threat-encyclopedia/network/ddi-rule-2255
DDI RULE 2484 KHRAT - TCP
HIGH
2017/09/05DDI RULE 2484/vinfo/cn/threat-encyclopedia/network/ddi-rule-2484
DDI RULE 2485 CCTV-DVR Remote Code Execution - HTTP (Request)
HIGH
2017/09/05DDI RULE 2485/vinfo/cn/threat-encyclopedia/network/ddi-rule-2485
DDI RULE 2116 LOCKY - Ransomware - HTTP (Request) - Variant 2
HIGH
2017/09/04DDI RULE 2116/vinfo/cn/threat-encyclopedia/network/ddi-rule-2116
DDI RULE 2472 CARBANAK - DNS (Response)
HIGH
2017/09/04DDI RULE 2472/vinfo/cn/threat-encyclopedia/network/ddi-rule-2472
DDI RULE 2380 CVE-2017-0147 - Information Disclosure Exploit - SMB (Request)
MEDIUM
2017/09/04DDI RULE 2380/vinfo/cn/threat-encyclopedia/network/ddi-rule-2380
DDI RULE 2382 CVE-2017-0145 - Remote Code Execution - SMB (Request)
MEDIUM
2017/09/04DDI RULE 2382/vinfo/cn/threat-encyclopedia/network/ddi-rule-2382
DDI RULE 2383 CVE-2017-0144 - Remote Code Execution - SMB (Request)
HIGH
2017/09/04DDI RULE 2383/vinfo/cn/threat-encyclopedia/network/ddi-rule-2383
DDI RULE 2435 MS17-010 - Remote Code Execution - SMB (Request)
MEDIUM
2017/09/04DDI RULE 2435/vinfo/cn/threat-encyclopedia/network/ddi-rule-2435
DDI RULE 570 WIMMIE - HTTP (Request) - Variant 2
HIGH
2017/09/04DDI RULE 570/vinfo/cn/threat-encyclopedia/network/ddi-rule-570
DDI RULE 571 WIMMIE - HTTP (Request)
HIGH
2017/09/04DDI RULE 571/vinfo/cn/threat-encyclopedia/network/ddi-rule-571
DDI RULE 639 MORTOS DNS (Response)
HIGH
2017/09/04DDI RULE 639/vinfo/cn/threat-encyclopedia/network/ddi-rule-639
DDI RULE 64 Possible NOP sled
MEDIUM
2017/09/04DDI RULE 64/vinfo/cn/threat-encyclopedia/network/ddi-rule-64
DDI RULE 2030 FLASH EXPLOIT - HTTP (Request)
HIGH
2017/08/31DDI RULE 2030/vinfo/cn/threat-encyclopedia/network/ddi-rule-2030
DDI RULE 1236 IRCBOT - HTTP (Request)
HIGH
2017/08/31DDI RULE 1236/vinfo/cn/threat-encyclopedia/network/ddi-rule-1236
DDI RULE 1226 IRCBOT - HTTP (Request) - Variant 2
HIGH
2017/08/31DDI RULE 1226/vinfo/cn/threat-encyclopedia/network/ddi-rule-1226
DDI RULE 1100 QAKBOT - HTTP (Request) - Variant 7
HIGH
2017/08/31DDI RULE 1100/vinfo/cn/threat-encyclopedia/network/ddi-rule-1100
DDI RULE 2482 DLOADER - HTTP (Request) - Variant 10
HIGH
2017/08/31DDI RULE 2482/vinfo/cn/threat-encyclopedia/network/ddi-rule-2482
DDI RULE 424 QAKBOT - FTP (Request)
HIGH
2017/08/31DDI RULE 424/vinfo/cn/threat-encyclopedia/network/ddi-rule-424
DDI RULE 425 QAKBOT - HTTP (Request) - Variant 4
HIGH
2017/08/31DDI RULE 425/vinfo/cn/threat-encyclopedia/network/ddi-rule-425
DDI RULE 422 QAKBOT - HTTP (Request)
HIGH
2017/08/31DDI RULE 422/vinfo/cn/threat-encyclopedia/network/ddi-rule-422
DDI RULE 460 NETBOT - TCP
MEDIUM
2017/08/30DDI RULE 460/vinfo/cn/threat-encyclopedia/network/ddi-rule-460
DDI RULE 407 GUMBLAR - HTTP (Request)
MEDIUM
2017/08/30DDI RULE 407/vinfo/cn/threat-encyclopedia/network/ddi-rule-407
DDI RULE 41 Malware-related subject and packed executable file - Email
HIGH
2017/08/30DDI RULE 41/vinfo/cn/threat-encyclopedia/network/ddi-rule-41
DDI RULE 436 CHIR - UDP
MEDIUM
2017/08/30DDI RULE 436/vinfo/cn/threat-encyclopedia/network/ddi-rule-436
DDI RULE 437 REMOSH - TCP
HIGH
2017/08/30DDI RULE 437/vinfo/cn/threat-encyclopedia/network/ddi-rule-437
DDI RULE 44 File with multiple extensions ending with executable extension
LOW
2017/08/30DDI RULE 44/vinfo/cn/threat-encyclopedia/network/ddi-rule-44
DDI RULE 441 DLL injection - SMB
MEDIUM
2017/08/30DDI RULE 441/vinfo/cn/threat-encyclopedia/network/ddi-rule-441
DDI RULE 2480 DEFRAY - Ransomware - HTTP (Request)
HIGH
2017/08/30DDI RULE 2480/vinfo/cn/threat-encyclopedia/network/ddi-rule-2480
DDI RULE 2477 KOPILUWAK - HTTP (Request)
HIGH
2017/08/28DDI RULE 2477/vinfo/cn/threat-encyclopedia/network/ddi-rule-2477
DDI RULE 2478 DOWNLOADER - HTTP (Request)
HIGH
2017/08/28DDI RULE 2478/vinfo/cn/threat-encyclopedia/network/ddi-rule-2478
DDI RULE 2474 APT - PLEAD - TCP (Request)
HIGH
2017/08/24DDI RULE 2474/vinfo/cn/threat-encyclopedia/network/ddi-rule-2474
DDI RULE 2475 CVE-2017-8620 - Remote Code Execution - SMB (Request)
HIGH
2017/08/24DDI RULE 2475/vinfo/cn/threat-encyclopedia/network/ddi-rule-2475
DDI RULE 2476 CVE-2017-8620 - Remote Code Execution - SMB2 (Request)
HIGH
2017/08/24DDI RULE 2476/vinfo/cn/threat-encyclopedia/network/ddi-rule-2476
DDI RULE 1465 MALEX - HTTP (Request) - Variant 2
HIGH
2017/08/23DDI RULE 1465/vinfo/cn/threat-encyclopedia/network/ddi-rule-1465
DDI RULE 917 MALEX - HTTP (Request)
HIGH
2017/08/23DDI RULE 917/vinfo/cn/threat-encyclopedia/network/ddi-rule-917
DDI RULE 1544 Possible CAPHAW DNS Response
HIGH
2017/08/22DDI RULE 1544/vinfo/cn/threat-encyclopedia/network/ddi-rule-1544
DDI RULE 1542 Possible CONFICKER DNS Response
HIGH
2017/08/22DDI RULE 1542/vinfo/cn/threat-encyclopedia/network/ddi-rule-1542
DDI RULE 1629 DISCPY - HTTP (Request)
MEDIUM
2017/08/22DDI RULE 1629/vinfo/cn/threat-encyclopedia/network/ddi-rule-1629
DDI RULE 1489 APT - ZAPCHAST - HTTP (Request)
HIGH
2017/08/15DDI RULE 1489/vinfo/cn/threat-encyclopedia/network/ddi-rule-1489
DDI RULE 1526 APT - ZAPCHAST - HTTP (Request) - Variant 4
HIGH
2017/08/15DDI RULE 1526/vinfo/cn/threat-encyclopedia/network/ddi-rule-1526
DDI RULE 1413 APT - ZEGOST - HTTP (Request) - Variant 6
HIGH
2017/08/15DDI RULE 1413/vinfo/cn/threat-encyclopedia/network/ddi-rule-1413
DDI RULE 1154 APT - ZEGOST - HTTP (Request) - Variant 3
HIGH
2017/08/15DDI RULE 1154/vinfo/cn/threat-encyclopedia/network/ddi-rule-1154
DDI RULE 1145 APT - ZEGOST - HTTP (Request) - Variant 4
HIGH
2017/08/15DDI RULE 1145/vinfo/cn/threat-encyclopedia/network/ddi-rule-1145
DDI RULE 932 APT - ZAPCHAST - HTTP (Request) - Variant 3
HIGH
2017/08/15DDI RULE 932/vinfo/cn/threat-encyclopedia/network/ddi-rule-932
DDI RULE 548 APT - ZEGOST - HTTP (Request)
HIGH
2017/08/15DDI RULE 548/vinfo/cn/threat-encyclopedia/network/ddi-rule-548
DDI RULE 55 File name with multiple consecutive spaces and executable extension
HIGH
2017/08/15DDI RULE 55/vinfo/cn/threat-encyclopedia/network/ddi-rule-55
DDI RULE 2471 SMBLORIS Exploit - SMB (Request)
HIGH
2017/08/15DDI RULE 2471/vinfo/cn/threat-encyclopedia/network/ddi-rule-2471
DDI RULE 649 ZEUS - HTTP (Request)
HIGH
2017/08/14DDI RULE 649/vinfo/cn/threat-encyclopedia/network/ddi-rule-649
DDI RULE 2473 HADESLOCK - Ransomware - HTTP (Request)
HIGH
2017/08/10DDI RULE 2473/vinfo/cn/threat-encyclopedia/network/ddi-rule-2473
DDI RULE 468 AUTORUN - HTTP (Request) - Variant 16
MEDIUM
2017/08/10DDI RULE 468/vinfo/cn/threat-encyclopedia/network/ddi-rule-468
DDI RULE 2465 INFOSTEAL - HTTP (Request) - Variant 2
HIGH
2017/08/09DDI RULE 2465/vinfo/cn/threat-encyclopedia/network/ddi-rule-2465
DDI RULE 2468 TACKBIT - TCP (Request)
HIGH
2017/08/08DDI RULE 2468/vinfo/cn/threat-encyclopedia/network/ddi-rule-2468
DDI RULE 2464 GOODOR - HTTP (Request)
HIGH
2017/08/03DDI RULE 2464/vinfo/cn/threat-encyclopedia/network/ddi-rule-2464
DDI RULE 2306 KVNDM - HTTP (Request)
HIGH
2017/08/02DDI RULE 2306/vinfo/cn/threat-encyclopedia/network/ddi-rule-2306
DDI RULE 2466 Accessed non-existing administrative share - SMB
LOW
2017/08/01DDI RULE 2466/vinfo/cn/threat-encyclopedia/network/ddi-rule-2466
DDI RULE 2467 RETEFE - HTTP (Response)
HIGH
2017/08/01DDI RULE 2467/vinfo/cn/threat-encyclopedia/network/ddi-rule-2467
DDI RULE 2455 APT - MICROPSIA - HTTP (Request)
HIGH
2017/08/01DDI RULE 2455/vinfo/cn/threat-encyclopedia/network/ddi-rule-2455
DDI RULE 612 Scheduled tasks via SMB protocol detected
HIGH
2017/08/01DDI RULE 612/vinfo/cn/threat-encyclopedia/network/ddi-rule-612
DDI RULE 2313 CVE-2017-3823 - WebEx Browser Extension Exploit - HTTP (Response)
HIGH
2017/07/31DDI RULE 2313/vinfo/cn/threat-encyclopedia/network/ddi-rule-2313
DDI RULE 2442 Possible PsExec PETYA - Ransomware - SMB
MEDIUM
2017/07/27DDI RULE 2442/vinfo/cn/threat-encyclopedia/network/ddi-rule-2442
DDI RULE 2440 CVE-2015-5374 - SIEMENS SIPROTECT DENIAL OF SERVICE - UDP (Request)
MEDIUM
2017/07/27DDI RULE 2440/vinfo/cn/threat-encyclopedia/network/ddi-rule-2440
DDI RULE 1301 DELF - HTTP (Request)
HIGH
2017/07/26DDI RULE 1301/vinfo/cn/threat-encyclopedia/network/ddi-rule-1301
DDI RULE 2462 KOVTER - HTTP (Request) - Variant 2
HIGH
2017/07/26DDI RULE 2462/vinfo/cn/threat-encyclopedia/network/ddi-rule-2462
DDI RULE 2458 COMMAND INJECTION IN URI - HTTP
HIGH
2017/07/26DDI RULE 2458/vinfo/cn/threat-encyclopedia/network/ddi-rule-2458
DDI RULE 1319 ONESCAN - HTTP (Request) - Variant 2
HIGH
2017/07/25DDI RULE 1319/vinfo/cn/threat-encyclopedia/network/ddi-rule-1319
DDI RULE 1335 FAREIT - HTTP (Request) - Variant 2
HIGH
2017/07/25DDI RULE 1335/vinfo/cn/threat-encyclopedia/network/ddi-rule-1335

    通过以下社交网站联系我们