Network Content Inspection Rules

| Rule ID | Rule Description | Confidence Level | Network Content Inspection Pattern Release Date |
|---|---|---|---|
| DDI RULE 2289 | Unsuccessful logon - FTP | LOW | 2019/08/15 |
| DDI RULE 2290 | Possible Brute force - FTP | LOW | 2019/08/15 |
| DDI RULE 2547 | NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request) | HIGH | 2019/08/15 |
| DDI RULE 4111 | CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request) | HIGH | 2019/08/15 |
| DDI RULE 4191 | CVE-2017-11774 MS Outlook Security Bypass Remote Code Execution - HTTP (Request) | MEDIUM | 2019/08/15 |
| DDI RULE 4192 | IRIS Remote Command Execution - HTTP (Request) | HIGH | 2019/08/15 |
| DDI RULE 4183 | Xfinity Gateway RCE Exploit - HTTP (Request) | HIGH | 2019/08/14 |
| DDI RULE 4190 | RAIL RCE Exploit - HTTP (Request) | HIGH | 2019/08/14 |
| DDI RULE 4187 | FLIR - Command Injection - HTTP (Request) | HIGH | 2019/08/13 |
| DDI RULE 4188 | CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request) | HIGH | 2019/08/13 |
| DDI RULE 4189 | Beward N100 RCE Exploit - HTTP (Request) | HIGH | 2019/08/13 |
| DDI RULE 4166 | CVE-2015-4335 REDIS Eval LUA Sandbox Bypass Exploit - TCP (Request) | HIGH | 2019/08/13 |
| DDI RULE 4184 | Homematic RCE Exploit - HTTP (Request) | HIGH | 2019/08/12 |
| DDI RULE 4185 | NXT Eyelock RCE Exploit - HTTP (Request) | HIGH | 2019/08/12 |
| DDI RULE 4175 | LORD - Exploit Kit - HTTP (Response) | HIGH | 2019/08/08 |
| DDI RULE 4167 | CAMBIUM RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4159 | NTOP RCE Exploit - HTTP (Request) - Variant 2 | HIGH | 2019/08/07 |
| DDI RULE 4160 | NTOP RCE Exploit - HTTP (Request) - Variant 3 | HIGH | 2019/08/07 |
| DDI RULE 4161 | NTOP RCE Exploit - HTTP (Request) - Variant 4 | HIGH | 2019/08/07 |
| DDI RULE 4179 | CVE-2017-8917 - JOOMLA - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4112 | CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4114 | CVE-2012-4869 PBX RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4125 | Mitel Audio RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4150 | POSSIBLE XSS - HTTP (Request) | MEDIUM | 2019/08/07 |
| DDI RULE 2907 | CVE-2019-2616 ORACLE BI Pusblisher XXE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2914 | CVE-2018-15961 - Adobe Cold Fusion Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2919 | DLINK DWL 26000AP RCE EXPLOIT - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2929 | Hadoop Yarn RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2938 | Dell Kace RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2939 | CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2940 | CISCO RV Routers RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2941 | Possible CVE-2019-1663 CISCO RV Routers Buffer Overflow Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4100 | CVE-2010-5330 UBIQUITY Nanostation5 RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 4106 | Gitorious Unauthenticated RCE Exploit - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2485 | CCTV-DVR Remote Code Execution - HTTP (Request) | HIGH | 2019/08/07 |
| DDI RULE 2639 | CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4168 | CVE-2018-15379 Cisco Prime Infrastructure Remote Command Execution - HTTP (Request) | MEDIUM | 2019/08/06 |
| DDI RULE 4169 | Linksys Remote Debug Root Shell- HTTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4177 | CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4178 | XYMON RCE Exploit - HTTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4172 | APT - TONEDEAF - HTTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4164 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2 | HIGH | 2019/08/06 |
| DDI RULE 4165 | CVE-2019-7238 Nexus Repository Manager RCE Exploit - HTTP (Request) | HIGH | 2019/08/06 |
| DDI RULE 4170 | CVE-2017-11357 TELERIK File Upload Exploit - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4171 | CVE-2013-3763 - Oracle Endeca Sever - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4173 | GHOSTDNS - Exploit Kit - HTTP (Response) - Variant 2 | HIGH | 2019/08/05 |
| DDI RULE 4174 | DNS Changer Exploit - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4115 | CVE-2009-2288 - NAGIOS - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4116 | CVE-2012-0262 - OPS5CONFIG - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4107 | CVE-2011-3587 - PLONE - HTTP (Request) | MEDIUM | 2019/08/05 |
| DDI RULE 4108 | CVE-2003-0050 - QUICKTIME - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4109 | OP5MONITOR - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4110 | CVE-2005-2773 - HP OPENVIEW NETWORK NODE MANAGER- HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 4102 | WEBMIN - Command Execution - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2942 | CVE-2019-1003000 - JENKINS - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2948 | CVE-2018-11510 - Asustor ADM - Command Injection - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2950 | CVE-2017-5174 - GEUTEBRUCK - Command Injection - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2934 | LG NAS - Command Injection - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2935 | OPENDREAMBOX - Command Injection - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2936 | CVE-2019-3929 - BLACKBOX - COMMAND INJECTION - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2937 | CVE-2019-10867 - PIMCORE - Unserialize RCE - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2341 | COBALTSTRIKE - HTTP (Request) | HIGH | 2019/08/05 |
| DDI RULE 2452 | Wget Commandline Injection | MEDIUM | 2019/07/31 |
| DDI RULE 2678 | CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request) | HIGH | 2019/07/24 |
| DDI RULE 4152 | COBALTSTRIKE - HTTP (Response) | HIGH | 2019/07/24 |
| DDI RULE 4154 | CVE-2019-11580 Atlassian RCE Exploit - HTTP (Request) | HIGH | 2019/07/24 |
| DDI RULE 4133 | ASTAROTH JSON - HTTP (Response) | HIGH | 2019/07/24 |
| DDI RULE 4163 | Possible CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | LOW | 2019/07/24 |
| DDI RULE 4156 | ECH0RAIX - Ransomware - HTTP (Request) | HIGH | 2019/07/22 |
| DDI RULE 4157 | NTOP RCE Exploit - HTTP (Request) | HIGH | 2019/07/22 |
| DDI RULE 1122 | Office Document File Internal Transfer | LOW | 2019/07/22 |
| DDI RULE 1123 | Office Document File Upload | LOW | 2019/07/22 |
| DDI RULE 1119 | HTTP Request - Hostname is an IP address | LOW | 2019/07/22 |
| DDI RULE 4155 | EICAR COBALTSTRIKE - HTTP (Response) | HIGH | 2019/07/18 |
| DDI RULE 4153 | COBALTSTRIKE - HTTP (Request) - Variant 2 | HIGH | 2019/07/18 |
| DDI RULE 4138 | ICEDID - HTTP (Request) - Variant 2 | HIGH | 2019/07/18 |
| DDI RULE 4139 | ICEDID - HTTP (Response) | HIGH | 2019/07/18 |
| DDI RULE 4151 | WANNALOCKER - Ransomware - HTTP (Request) | HIGH | 2019/07/17 |
| DDI RULE 4149 | Possible CVE-2019-1040 MS NTLM Tampering Exploit - SMB (Request) | LOW | 2019/07/16 |
| DDI RULE 4132 | SHELLBOT - IRC (Request) | HIGH | 2019/07/16 |
| DDI RULE 4140 | INFOSTEAL - HTTP (Request) - Variant 6 | HIGH | 2019/07/15 |
| DDI RULE 4136 | ECH0RAIX - Ransomware - TCP (Request) | HIGH | 2019/07/12 |
| DDI RULE 4121 | Dogfood CRM spell.php Remote Command Execution - HTTP (Request) | HIGH | 2019/07/11 |
| DDI RULE 4123 | Redmine SCM Repository 0.9.x/1.0.x - Remote Command Execution - HTTP (Request) | HIGH | 2019/07/11 |
| DDI RULE 2578 | CVE-2017-17215 - Remote Code Execution - HTTP (Request) | HIGH | 2019/07/10 |
| DDI RULE 4122 | CTEK SkyRouter 4200/4300 - Command Execution - HTTP (Request) | HIGH | 2019/07/10 |
| DDI RULE 4119 | Awstats Remote Command Injection - HTTP (Request) | HIGH | 2019/07/10 |
| DDI RULE 4120 | CVE-2005-2847 Barracuda IMG.pl Remote Command Execution - HTTP (Request) | HIGH | 2019/07/10 |
| DDI RULE 4105 | POSSIBLE MALICIOUS CHROME EXTENSION - HTTP (Request) | MEDIUM | 2019/07/10 |
| DDI RULE 4130 | APT - NFLOG - HTTP (Request) - Variant 2 | HIGH | 2019/07/09 |
| DDI RULE 4131 | NANOCORE - TCP (Request) | HIGH | 2019/07/09 |
| DDI RULE 4118 | CVE-2007-3010 Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 Command Injection - HTTP (Request) | HIGH | 2019/07/09 |
| DDI RULE 4127 | Suspicious PowerQuery - HTTP (Response) | MEDIUM | 2019/07/08 |
| DDI RULE 4124 | GetShell CKNIFE - HTTP (Request) | HIGH | 2019/07/08 |
| DDI RULE 2846 | SPELEVO - Exploit Kit -HTTP (Response) | HIGH | 2019/07/04 |
| DDI RULE 4117 | Spreecommerce 0.60.1 - Remote Command Execution - HTTP (Request) | HIGH | 2019/07/02 |
| DDI RULE 4113 | CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request) | HIGH | 2019/07/01 |
| DDI RULE 4103 | Daemon DD-WRT Unauthenticated RCE Exploit - HTTP (Request) | HIGH | 2019/06/26 |
| DDI RULE 4104 | Asmax RCE Exploit - HTTP (Request) | HIGH | 2019/06/26 |
| DDI RULE 2943 | CVE-2013-5758 Yealink VoIP Phone SIP-T38G RCE - HTTP (Request) | HIGH | 2019/06/26 |
| DDI RULE 2903 | Oracle Weblogic Remote Command Execution Exploit - HTTP (Request) | HIGH | 2019/06/25 |
| DDI RULE 2871 | possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request) | HIGH | 2019/06/25 |
| DDI RULE 1184 | possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request) | LOW | 2019/06/25 |
| DDI RULE 2172 | NULL BYTES - HTTP (Request) | LOW | 2019/06/24 |
| DDI RULE 2811 | CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request) | HIGH | 2019/06/24 |
| DDI RULE 2786 | ThinkPHP 5x Remote Code Execution - HTTP (Request) | HIGH | 2019/06/24 |
| DDI RULE 2949 | CVE-2013-5948 Asus device Remote code Execution Exploit- HTTP (Request) | HIGH | 2019/06/24 |
| DDI RULE 4101 | CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) - Variant 2 | HIGH | 2019/06/24 |
| DDI RULE 2921 | Possible Vulnerable Channel - RDP (Request) - Variant 2 | LOW | 2019/06/12 |
| DDI RULE 2922 | CVE-2014-6287 Rejetto HttpFileServer RCE Exploit - HTTP (Request) | HIGH | 2019/06/11 |
| DDI RULE 2898 | Weblogic Unauthenticated RCE Exploit- HTTP (Request) | MEDIUM | 2019/06/11 |
| DDI RULE 2933 | HIDDENWASP - TCP Connection | HIGH | 2019/06/11 |
| DDI RULE 2825 | CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2858 | CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2894 | CVE-2019-0192 Apache SOLR RCE Exploit - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2895 | CVE-2014-9727 Fritz RCE Exploit - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2896 | Fritz RCE Exploit - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2874 | ZEROSHELL RCE EXPLOIT - HTTP (Request) | HIGH | 2019/06/10 |
| DDI RULE 2638 | CVE-2018-7602 - Remote Code Execution - HTTP (Request) | HIGH | 2019/06/06 |
| DDI RULE 2884 | CVE-2018-19127 PHPCMS2008 Code Injection - HTTP (Request) | HIGH | 2019/06/06 |
| DDI RULE 2930 | Possible RIG Exploit Kit - HTTP (Request) | LOW | 2019/06/06 |
| DDI RULE 2931 | HIDDENWASP - TCP (Request) | HIGH | 2019/06/06 |
| DDI RULE 2932 | HIDDENWASP - TCP (Response) | HIGH | 2019/06/06 |
| DDI RULE 3 | Suspicious executable file extension - Variant 2 | HIGH | 2019/06/06 |
| DDI RULE 30 | Email/Instant message containing malicious URL | HIGH | 2019/06/06 |
| DDI RULE 2348 | CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) | HIGH | 2019/06/06 |
| DDI RULE 2927 | Possible WEBSHELL Command - HTTP (Request) | MEDIUM | 2019/06/05 |
| DDI RULE 2917 | CVE-2019-3719 Dell Support Assist RCE - HTTP (Request) | HIGH | 2019/06/05 |
| DDI RULE 2928 | EANVER Webshell - HTTP (Request) | HIGH | 2019/06/04 |
| DDI RULE 2924 | Possible PHP Admin Bruteforce - HTTP (Request) | LOW | 2019/06/04 |
| DDI RULE 2925 | HAWKEYE - SMTP (Request) | HIGH | 2019/06/04 |
| DDI RULE 2926 | WePresent WiPG1000 Command Injection - HTTP (Request) | HIGH | 2019/06/04 |
| DDI RULE 2132 | NEUTRINO - Exploit Kit - HTTP (Request) - Variant 2 | LOW | 2019/06/04 |
| DDI RULE 2776 | Possible XML External Entity Attack - HTTP (Response) | MEDIUM | 2019/06/03 |
| DDI RULE 2923 | BLASQUI Webshell - HTTP (Request) | HIGH | 2019/05/30 |
| DDI RULE 2920 | JNAP Information Disclosure Attempt - HTTP (Request) | MEDIUM | 2019/05/29 |
| DDI RULE 2918 | CVE-2018-7841 - SCHNEIDER ELECTRIC - HTTP (Request) | HIGH | 2019/05/23 |
| DDI RULE 2913 | Possible Vulnerable Channel - RDP (Request) | LOW | 2019/05/23 |
| DDI RULE 2770 | Possible XML Information Disclosure - HTTP (Response) | HIGH | 2019/05/21 |
| DDI RULE 2889 | ANTSWORD - HTTP (Request) | HIGH | 2019/05/21 |
| DDI RULE 2885 | Remote Code Execution - EXPLOIT - HTTP (Request) - Variant 6 | HIGH | 2019/05/20 |
| DDI RULE 2912 | CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request) | MEDIUM | 2019/05/20 |
| DDI RULE 2915 | ASLIROR - HTTP (Request) | HIGH | 2019/05/20 |
| DDI RULE 2916 | FUNARECHBOT - TCP (Request) | HIGH | 2019/05/20 |
| DDI RULE 2911 | HYPERSHELL - WEBSHELL - HTTP (Request) | HIGH | 2019/05/15 |
| DDI RULE 2877 | CVE-2019-0232 Apache Tomcat RCE - HTTP (Request) | HIGH | 2019/05/15 |
| DDI RULE 2908 | CVE-2018-16509 GHOSTSCRIPT UNAUTHENTICATED - HTTP (Request) | HIGH | 2019/05/13 |
| DDI RULE 2071 | CERBER - Ransomware - UDP | HIGH | 2019/05/13 |
| DDI RULE 2904 | Possible IE Exploit - HTTP (Response) - Variant 5 | HIGH | 2019/05/09 |
| DDI RULE 2905 | Possible IE Exploit - HTTP (Response) - Variant 6 | HIGH | 2019/05/09 |
| DDI RULE 2906 | CVE-2017-8046 - SPRINGDATA - HTTP (Request) | HIGH | 2019/05/09 |
| DDI RULE 2886 | CVE-2018-1270 - SPRINGDATA - HTTP (Request) | HIGH | 2019/05/09 |
| DDI RULE 2899 | CVE-2018-1000861 - JENKINS - HTTP (Request) | HIGH | 2019/05/09 |
| DDI RULE 2901 | CVE-2014-0160 Malformed Heartbeat - SSL (Response) - Variant 2 | MEDIUM | 2019/05/08 |
| DDI RULE 2902 | SAP Gateway Remote Code Execution Exploit - TCP | MEDIUM | 2019/05/08 |
| DDI RULE 2900 | Possible PNG Exploit - HTTP (Request) | MEDIUM | 2019/05/07 |
| DDI RULE 1879 | Possible COREBOT DNS Response | MEDIUM | 2019/05/07 |
| DDI RULE 2880 | CVE-2019-5418 - RUBY ON RAILS - FILE CONTENT DISCLOSURE - HTTP (Request) | HIGH | 2019/05/03 |
| DDI RULE 2892 | NAMECOIN - HTTP (Request) | HIGH | 2019/05/02 |
| DDI RULE 2893 | JEXBOSS - HTTP (Request) | HIGH | 2019/05/02 |
| DDI RULE 2890 | INFOSTEAL - HTTP (Request) - Variant 5 | HIGH | 2019/04/30 |
| DDI RULE 2891 | EMPIRE - HTTP (Request) - Variant 3 | HIGH | 2019/04/30 |
| DDI RULE 2887 | CVE-2019-3396 - ATLASSIAN CONFLUENCE - HTTP (Request) | HIGH | 2019/04/25 |
| DDI RULE 2888 | FASTJSON Deserialization Exploit - HTTP (Request) | HIGH | 2019/04/25 |
| DDI RULE 29 | Unregistered sender and recipient domains - Email | LOW | 2019/04/24 |
| DDI RULE 2883 | Possible PUT Header Scanner - HTTP (Response) | LOW | 2019/04/24 |
| DDI RULE 2881 | HYDRA WEBSHELL - HTTP (Request) | HIGH | 2019/04/23 |
| DDI RULE 2878 | APT - POORWEB - HTTP (Request) | HIGH | 2019/04/23 |
| DDI RULE 2879 | IIS - SCANNER - HTTP (Request) | MEDIUM | 2019/04/22 |
| DDI RULE 2342 | IMEIJ - TCP | HIGH | 2019/04/18 |
| DDI RULE 2875 | CVE-2011-1966 DNS NAPTR QUERY EXPLOIT - DNS (Response) | HIGH | 2019/04/17 |
| DDI RULE 2876 | PCASTLE - HTTP (Response) | HIGH | 2019/04/17 |
| DDI RULE 2600 | CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request) | HIGH | 2019/04/16 |
| DDI RULE 2872 | XWO - Backdoor - HTTP (Request) | HIGH | 2019/04/11 |
| DDI RULE 2873 | THINKPHP SQL INJECT Exploit - HTTP (Request) | HIGH | 2019/04/10 |
| DDI RULE 2869 | CANITMUP - HTTP (Request) | HIGH | 2019/04/10 |
| DDI RULE 2870 | IPCAMERA - EXPLOIT - RCE - HTTP (Request) | HIGH | 2019/04/09 |
| DDI RULE 2867 | BELKIN Router - HTTP (Request) - Variant 2 | HIGH | 2019/04/09 |
| DDI RULE 2868 | ZTE Router - HTTP (Request) - Variant 2 | HIGH | 2019/04/09 |
| DDI RULE 1645 | Possible Self-Signed SSL certificate detected | MEDIUM | 2019/04/09 |
| DDI RULE 2526 | NECURS - HTTP (Request) - Variant 2 | HIGH | 2019/04/09 |
| DDI RULE 2865 | CVE-2018-17173 LG Supersign Remote Code Execution - HTTP (Request) | HIGH | 2019/04/08 |
| DDI RULE 2866 | MICASAVERDE VERALITE - Remote Code Execution - HTTP (Request) | HIGH | 2019/04/08 |
| DDI RULE 2861 | ShadowHammer - DNS (Response) | HIGH | 2019/04/04 |
| DDI RULE 2816 | PHP DIESCAN - HTTP (Request) | HIGH | 2019/04/04 |
| DDI RULE 2568 | COBALTSTRIKE - DNS (Response) | HIGH | 2019/04/04 |
| DDI RULE 2569 | TOXOCARA - DNS (Response) | HIGH | 2019/04/04 |
| DDI RULE 1084 | RED OCTOBER ATTACK DNS Response - Class 1 | HIGH | 2019/04/04 |
| DDI RULE 1009 | PE_XPAJ DNS Response - Class 1 | HIGH | 2019/04/04 |
| DDI RULE 1734 | RANSOM CRYPCTB DNS Connection detected | HIGH | 2019/04/04 |
| DDI RULE 1779 | RANSOM CRILOCK DNS Connection | HIGH | 2019/04/04 |
| DDI RULE 1845 | RANSOM CRYPRAAS DNS Connection detected | HIGH | 2019/04/04 |
| DDI RULE 2000 | Metasploit(Payload) - Reverse DLL Inject - TCP (Response) | HIGH | 2019/04/04 |
| DDI RULE 2043 | OSX KeRanger DNS Connection detected | HIGH | 2019/04/04 |
| DDI RULE 2497 | CCHACK - DNS (Response) | HIGH | 2019/04/04 |
| DDI RULE 2863 | PHP DASHBOARD SQLINJECT - HTTP (Request) | HIGH | 2019/04/03 |
| DDI RULE 2864 | CVE-2018-1149 NUUO NVRMini2 BufferOverflow - HTTP (Request) | HIGH | 2019/04/03 |
| DDI RULE 2860 | Belking Wemo UPnP RCE Exploit - HTTP (Request) | HIGH | 2019/04/02 |
| DDI RULE 2862 | MARSATORMIN - HTTP (Request) | HIGH | 2019/03/28 |
| DDI RULE 2859 | Possible SPELEVO - Exploit Kit -HTTP (Response) | HIGH | 2019/03/28 |
| DDI RULE 2856 | DLINK Command Injection Exploit - HTTP (Request) - Variant 3 | HIGH | 2019/03/28 |
| DDI RULE 2853 | NETGEAR DGN2200v1/v2/v3/v4 - CVE-2017-6334 - Remote Code Execution - HTTP (Request) | LOW | 2019/03/27 |
| DDI RULE 2854 | LINKSYS_WRT110 - CVE-2013-3568 - Remote Code Execution - HTTP (Request) | LOW | 2019/03/27 |
| DDI RULE 2840 | NETCOMMWIRELESS - CVE-2015-6023 - CVE-2015-6024 - Remote Code Execution - HTTP (Request) | LOW | 2019/03/27 |
| DDI RULE 2839 | ZTE F460 F660 - Remote Code Execution - HTTP (Request) | HIGH | 2019/03/26 |
| DDI RULE 2855 | Netgear Prosafe RCE Exploit - HTTP (Request) | HIGH | 2019/03/26 |
| DDI RULE 2857 | DLINK 930L RCE EXPLOIT - HTTP (Request) | HIGH | 2019/03/26 |
| DDI RULE 2828 | Zyxel - Remote Code Execution - HTTP (Request) | HIGH | 2019/03/26 |
| DDI RULE 2829 | Zyxel - Command Injection - HTTP (Request) | HIGH | 2019/03/20 |
| DDI RULE 2830 | Billion-5200W-T - Command Injection - HTTP (Request) | HIGH | 2019/03/20 |
| DDI RULE 2831 | Billion 5200W-T - Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | 2019/03/20 |
| DDI RULE 2852 | DOC File downloaded in root directory - HTTP (Response) | HIGH | 2019/03/20 |
| DDI RULE 2841 | 3COM - Remote Code Execution - HTTP (Request) | HIGH | 2019/03/20 |
| DDI RULE 1631 | Remote Schedule Tasks through SMB protocol detected - Create Command | LOW | 2019/03/20 |
| DDI RULE 1632 | Remote Schedule Tasks through SMB protocol detected - Run Command | LOW | 2019/03/20 |
| DDI RULE 1633 | Remote Schedule Tasks through SMB protocol detected - Delete Command | LOW | 2019/03/20 |
| DDI RULE 1763 | STRPADT - HTTP (Request) | HIGH | 2019/03/19 |
| DDI RULE 2849 | CVE-2019-9194-HTTP RCE - ELFINDER (Request) | HIGH | 2019/03/19 |
| DDI RULE 2850 | CHWRITER - HTTP (Request) | HIGH | 2019/03/19 |
| DDI RULE 2851 | MAKO WEB SERVER - Command Injection - HTTP (Request) | HIGH | 2019/03/19 |
| DDI RULE 2710 | FLAWEDAMMYY - TCP (Request) | HIGH | 2019/03/18 |
| DDI RULE 2400 | Remote Enumerate Registry through SMB protocol detected | LOW | 2019/03/18 |
| DDI RULE 2401 | Remote Read Registry through SMB protocol detected | LOW | 2019/03/18 |
| DDI RULE 2415 | Remote Delete Registry through SMB protocol detected | LOW | 2019/03/18 |
| DDI RULE 2068 | DRIDEX - SSL (Request) | HIGH | 2019/03/13 |
| DDI RULE 2848 | INFOSTEAL - HTTP (Request) - Variant 4 | HIGH | 2019/03/13 |
| DDI RULE 2834 | CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request) | HIGH | 2019/03/12 |
| DDI RULE 2780 | TRICKBOT - HTTP (Request) | HIGH | 2019/03/12 |
| DDI RULE 2847 | INFOSTEAL - FTP (Request) | HIGH | 2019/03/11 |
| DDI RULE 2844 | RIG - Exploit Kit - HTTP (Request) - Variant 2 | HIGH | 2019/03/11 |
| DDI RULE 1195 | Remote Add Job through SMB Protocol Detected | LOW | 2019/03/11 |
| DDI RULE 1196 | Remote Delete Job through SMB Detected | MEDIUM | 2019/03/11 |
| DDI RULE 12 | Archive file containing file with double extension | MEDIUM | 2019/03/11 |
| DDI RULE 1535 | ZACOM - HTTP (Request) | HIGH | 2019/03/11 |
| DDI RULE 2408 | Remote Enumerate Job through SMB protocol detected | LOW | 2019/03/11 |
| DDI RULE 2352 | CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2 | HIGH | 2019/03/11 |
| DDI RULE 2845 | Possible PDF in Chrome Information Disclosure - HTTP (Request) | MEDIUM | 2019/03/07 |
| DDI RULE 2826 | JBOSS Webshell - HTTP (Request) | HIGH | 2019/03/06 |
| DDI RULE 2819 | FASTGATE - Command Injection - HTTP (Request) | HIGH | 2019/03/06 |
DDI RULE 2814 JOOMLA - HTTP (Request)
HIGH
2019/03/05DDI RULE 2814/vinfo/cn/threat-encyclopedia/network/ddi-rule-2814
DDI RULE 2791 EMPIRE - HTTP (Request) - Variant 2
MEDIUM
2019/03/05DDI RULE 2791/vinfo/cn/threat-encyclopedia/network/ddi-rule-2791
DDI RULE 2836 CVE-2017-0171 - Denial of Service - DNS (Response)
MEDIUM
2019/03/05DDI RULE 2836/vinfo/cn/threat-encyclopedia/network/ddi-rule-2836
DDI RULE 2837 CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)
MEDIUM
2019/03/05DDI RULE 2837/vinfo/cn/threat-encyclopedia/network/ddi-rule-2837
DDI RULE 2842 CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request)
HIGH
2019/03/05DDI RULE 2842/vinfo/cn/threat-encyclopedia/network/ddi-rule-2842
DDI RULE 2843 ZHONE XSS Exploit - HTTP (Request)
HIGH
2019/03/05DDI RULE 2843/vinfo/cn/threat-encyclopedia/network/ddi-rule-2843
DDI RULE 2838 SPEAKUP - HTTP (Request)
HIGH
2019/03/04DDI RULE 2838/vinfo/cn/threat-encyclopedia/network/ddi-rule-2838
DDI RULE 2835 CVE-2016-3088 ACTIVEMQ - HTTP (Request)
HIGH
2019/03/04DDI RULE 2835/vinfo/cn/threat-encyclopedia/network/ddi-rule-2835
DDI RULE 2806 CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request)
HIGH
2019/03/04DDI RULE 2806/vinfo/cn/threat-encyclopedia/network/ddi-rule-2806
DDI RULE 2820 Hootoo HT5 Remote code Execution - HTTP (Request)
HIGH
2019/03/04DDI RULE 2820/vinfo/cn/threat-encyclopedia/network/ddi-rule-2820
DDI RULE 2833 CVE-2019-6340 Drupal 8 RESTful Web Services Remote Code Execution - HTTP (Request)
HIGH
2019/03/04DDI RULE 2833/vinfo/cn/threat-encyclopedia/network/ddi-rule-2833
DDI RULE 2823 CKNIFE - HTTP (Request) - Variant 2
HIGH
2019/02/21DDI RULE 2823/vinfo/cn/threat-encyclopedia/network/ddi-rule-2823
DDI RULE 2824 CVE-2015-2280 AirLink OS Command Injection - HTTP (Request)
HIGH
2019/02/21DDI RULE 2824/vinfo/cn/threat-encyclopedia/network/ddi-rule-2824
DDI RULE 2822 RATBLAMIK - TCP (Request)
HIGH
2019/02/20DDI RULE 2822/vinfo/cn/threat-encyclopedia/network/ddi-rule-2822
DDI RULE 2821 NEUTRINO - HTTP (Response)
MEDIUM
2019/02/19DDI RULE 2821/vinfo/cn/threat-encyclopedia/network/ddi-rule-2821
DDI RULE 2385 SOAP RCE EXPLOIT - HTTP (Request)
HIGH
2019/02/14DDI RULE 2385/vinfo/cn/threat-encyclopedia/network/ddi-rule-2385
DDI RULE 2224 Covert Iodine tunnel - DNS (Request)
LOW
2019/02/12DDI RULE 2224/vinfo/cn/threat-encyclopedia/network/ddi-rule-2224
DDI RULE 2795 Unauthorized Write Request - DNP3 (Request)
LOW
2019/02/11DDI RULE 2795/vinfo/cn/threat-encyclopedia/network/ddi-rule-2795
DDI RULE 2796 Unauthorized Broadcast Request - DNP3 (Request)
LOW
2019/02/11DDI RULE 2796/vinfo/cn/threat-encyclopedia/network/ddi-rule-2796
DDI RULE 2797 Possible Denial of Service - DNP3 (Request)
LOW
2019/02/11DDI RULE 2797/vinfo/cn/threat-encyclopedia/network/ddi-rule-2797
DDI RULE 2798 Unauthorized Read Request - DNP3 (Request)
LOW
2019/02/11DDI RULE 2798/vinfo/cn/threat-encyclopedia/network/ddi-rule-2798
DDI RULE 2799 Possible Scan of Points List - DNP3 (Response) Beta
LOW
2019/02/11DDI RULE 2799/vinfo/cn/threat-encyclopedia/network/ddi-rule-2799
DDI RULE 28 Unregistered service running on non-standard port
LOW
2019/02/11DDI RULE 28/vinfo/cn/threat-encyclopedia/network/ddi-rule-28
DDI RULE 2800 Possible Scan of Outstation - DNP3 (Response) Beta
LOW
2019/02/11DDI RULE 2800/vinfo/cn/threat-encyclopedia/network/ddi-rule-2800
DDI RULE 2801 Multiple Unsolicited Response - DNP3 (Response) Beta
LOW
2019/02/11DDI RULE 2801/vinfo/cn/threat-encyclopedia/network/ddi-rule-2801
DDI RULE 2807 TEAMFOSTEALER - HTTP (Request)
HIGH
2019/02/07DDI RULE 2807/vinfo/cn/threat-encyclopedia/network/ddi-rule-2807
DDI RULE 2812 CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Request)
MEDIUM
2019/02/07DDI RULE 2812/vinfo/cn/threat-encyclopedia/network/ddi-rule-2812
DDI RULE 2813 CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Response)
HIGH
2019/02/07DDI RULE 2813/vinfo/cn/threat-encyclopedia/network/ddi-rule-2813
DDI RULE 2810 CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request)
MEDIUM
2019/02/07DDI RULE 2810/vinfo/cn/threat-encyclopedia/network/ddi-rule-2810
DDI RULE 1562 DARKHOLE - HTTP (Request) - Variant 2
HIGH
2019/02/06DDI RULE 1562/vinfo/cn/threat-encyclopedia/network/ddi-rule-1562
DDI RULE 2209 NEUTRINO - Exploit Kit - HTTP (Request) - Variant 5
MEDIUM
2019/02/06DDI RULE 2209/vinfo/cn/threat-encyclopedia/network/ddi-rule-2209
DDI RULE 2817 KEYPATH Command Injection - HTTP (Request)
HIGH
2019/02/05DDI RULE 2817/vinfo/cn/threat-encyclopedia/network/ddi-rule-2817
DDI RULE 2818 SERVHELPER - HTTP (Request)
HIGH
2019/02/05DDI RULE 2818/vinfo/cn/threat-encyclopedia/network/ddi-rule-2818
DDI RULE 2815 SIEREN - TCP (Request)
HIGH
2019/01/31DDI RULE 2815/vinfo/cn/threat-encyclopedia/network/ddi-rule-2815
DDI RULE 2306 KVNDM - HTTP (Request)
HIGH
2019/01/30DDI RULE 2306/vinfo/cn/threat-encyclopedia/network/ddi-rule-2306
DDI RULE 2808 FALLOUT - Exploit Kit - HTTP (Response) - Variant 3
MEDIUM
2019/01/29DDI RULE 2808/vinfo/cn/threat-encyclopedia/network/ddi-rule-2808
DDI RULE 2802 Oracle Weblogic Exploit - HTTP (Request)
HIGH
2019/01/23DDI RULE 2802/vinfo/cn/threat-encyclopedia/network/ddi-rule-2802
DDI RULE 2803 Link-Net LW-N605R Remote Code Execution Exploit - HTTP (Request)
HIGH
2019/01/23DDI RULE 2803/vinfo/cn/threat-encyclopedia/network/ddi-rule-2803
DDI RULE 2804 Possible Router Exploit Kit - HTTP (Response)
HIGH
2019/01/23DDI RULE 2804/vinfo/cn/threat-encyclopedia/network/ddi-rule-2804
DDI RULE 2805 CVE-2019-0547 Client Remote Code Execution Exploit - DHCP (Response)
MEDIUM
2019/01/23DDI RULE 2805/vinfo/cn/threat-encyclopedia/network/ddi-rule-2805
DDI RULE 1871 DRIDEX - HTTP (Request) - Variant 3
HIGH
2019/01/23DDI RULE 1871/vinfo/cn/threat-encyclopedia/network/ddi-rule-1871
DDI RULE 2143 SQLINJECT - HTTP (Request)
LOW
2019/01/22DDI RULE 2143/vinfo/cn/threat-encyclopedia/network/ddi-rule-2143
DDI RULE 2793 APT - WINNTI - HTTP (Response)
HIGH
2019/01/21DDI RULE 2793/vinfo/cn/threat-encyclopedia/network/ddi-rule-2793
DDI RULE 2794 RIG - Exploit Kit - HTTP (Request) - Variant 7
HIGH
2019/01/17DDI RULE 2794/vinfo/cn/threat-encyclopedia/network/ddi-rule-2794
DDI RULE 2520 MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4
HIGH
2019/01/17DDI RULE 2520/vinfo/cn/threat-encyclopedia/network/ddi-rule-2520
DDI RULE 1549 APT - WINNTI - HTTP (Request)
HIGH
2019/01/14DDI RULE 1549/vinfo/cn/threat-encyclopedia/network/ddi-rule-1549
DDI RULE 2792 APT - KONNI - HTTP (Request)
HIGH
2019/01/09DDI RULE 2792/vinfo/cn/threat-encyclopedia/network/ddi-rule-2792
DDI RULE 2144 NEUTRINO - Exploit Kit - HTTP (Request) - Variant 3
MEDIUM
2019/01/03DDI RULE 2144/vinfo/cn/threat-encyclopedia/network/ddi-rule-2144
DDI RULE 2789 CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response)
MEDIUM
2018/12/27DDI RULE 2789/vinfo/cn/threat-encyclopedia/network/ddi-rule-2789
DDI RULE 2790 APT - WILDPOSITRON - HTTP (Request)
HIGH
2018/12/26DDI RULE 2790/vinfo/cn/threat-encyclopedia/network/ddi-rule-2790
DDI RULE 1229 ALINA HTTP request - Variant 1
HIGH
2018/12/26DDI RULE 1229/vinfo/cn/threat-encyclopedia/network/ddi-rule-1229
DDI RULE 2787 CRISISHT - HTTP (Request)
MEDIUM
2018/12/20DDI RULE 2787/vinfo/cn/threat-encyclopedia/network/ddi-rule-2787
DDI RULE 2788 CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request)
MEDIUM
2018/12/20DDI RULE 2788/vinfo/cn/threat-encyclopedia/network/ddi-rule-2788
DDI RULE 2784 Ncrack/Hydra Brute Force Tool - RDP (Request)
HIGH
2018/12/19DDI RULE 2784/vinfo/cn/threat-encyclopedia/network/ddi-rule-2784
DDI RULE 2785 L0RDIX - HTTP (Request)
MEDIUM
2018/12/18DDI RULE 2785/vinfo/cn/threat-encyclopedia/network/ddi-rule-2785
DDI RULE 2397 STONEDRILL - HTTP (Request) - Variant 2
HIGH
2018/12/18DDI RULE 2397/vinfo/cn/threat-encyclopedia/network/ddi-rule-2397
DDI RULE 2779 DNSpoinage DNS - (Response)
HIGH
2018/12/12DDI RULE 2779/vinfo/cn/threat-encyclopedia/network/ddi-rule-2779
DDI RULE 2782 TILDEB - TCP (Request)
MEDIUM
2018/12/11DDI RULE 2782/vinfo/cn/threat-encyclopedia/network/ddi-rule-2782
DDI RULE 2081 CRYPTEAR - Ransomware - HTTP (Request)
HIGH
2018/12/11DDI RULE 2081/vinfo/cn/threat-encyclopedia/network/ddi-rule-2081
DDI RULE 2418 Suspicious file rename - SMB (Request)
HIGH
2018/12/04DDI RULE 2418/vinfo/cn/threat-encyclopedia/network/ddi-rule-2418
DDI RULE 2420 Shodan Internet Scan - Malware Hunter C&C Server Scan
LOW
2018/12/04DDI RULE 2420/vinfo/cn/threat-encyclopedia/network/ddi-rule-2420
DDI RULE 2421 Shodan Internet Scan - Possible Exposed Device/Service
LOW
2018/12/04DDI RULE 2421/vinfo/cn/threat-encyclopedia/network/ddi-rule-2421
DDI RULE 2442 Possible PsExec PETYA - Ransomware - SMB
MEDIUM
2018/12/04DDI RULE 2442/vinfo/cn/threat-encyclopedia/network/ddi-rule-2442
DDI RULE 1214 BAYROB - HTTP (Request)
MEDIUM
2018/11/28DDI RULE 1214/vinfo/cn/threat-encyclopedia/network/ddi-rule-1214
DDI RULE 2731 KAIXIN - Exploit Kit - HTTP (Response) - Variant 5
HIGH
2018/11/22DDI RULE 2731/vinfo/cn/threat-encyclopedia/network/ddi-rule-2731
DDI RULE 2777 Apache Struts File Upload - HTTP (Request)
HIGH
2018/11/21DDI RULE 2777/vinfo/cn/threat-encyclopedia/network/ddi-rule-2777
DDI RULE 2778 ZTE ZXV10 Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/11/21DDI RULE 2778/vinfo/cn/threat-encyclopedia/network/ddi-rule-2778
DDI RULE 2775 DOCKER API - HTTP (Request)
HIGH
2018/11/21DDI RULE 2775/vinfo/cn/threat-encyclopedia/network/ddi-rule-2775
DDI RULE 2621 Remote Code Execution - HTTP (Request)
HIGH
2018/11/21DDI RULE 2621/vinfo/cn/threat-encyclopedia/network/ddi-rule-2621
DDI RULE 2771 APT - POISONIVY - HTTP (Request)
HIGH
2018/11/20DDI RULE 2771/vinfo/cn/threat-encyclopedia/network/ddi-rule-2771
DDI RULE 2772 APT - GHOST - TCP (Request)
HIGH
2018/11/20DDI RULE 2772/vinfo/cn/threat-encyclopedia/network/ddi-rule-2772
DDI RULE 2774 APT - POWLOADR - HTTP (Request)
HIGH
2018/11/20DDI RULE 2774/vinfo/cn/threat-encyclopedia/network/ddi-rule-2774
DDI RULE 2713 AVTECH Command Injection Exploit - HTTP (Request)
HIGH
2018/11/20DDI RULE 2713/vinfo/cn/threat-encyclopedia/network/ddi-rule-2713
DDI RULE 2474 APT - PLEAD - TCP (Request)
HIGH
2018/11/20DDI RULE 2474/vinfo/cn/threat-encyclopedia/network/ddi-rule-2474
DDI RULE 2494 APT - ANEL - HTTP (Request)
HIGH
2018/11/20DDI RULE 2494/vinfo/cn/threat-encyclopedia/network/ddi-rule-2494
DDI RULE 2716 BINBASH Download - HTTP (Response)
HIGH
2018/11/12DDI RULE 2716/vinfo/cn/threat-encyclopedia/network/ddi-rule-2716
DDI RULE 2765 GZ Inflate in PHP File - HTTP (Response)
LOW
2018/11/12DDI RULE 2765/vinfo/cn/threat-encyclopedia/network/ddi-rule-2765
DDI RULE 2766 Possible WINBOX Remote Code Execution - TCP
MEDIUM
2018/11/12DDI RULE 2766/vinfo/cn/threat-encyclopedia/network/ddi-rule-2766
DDI RULE 2767 Window Shell Remote Code Execution - HTTP (Response)
HIGH
2018/11/12DDI RULE 2767/vinfo/cn/threat-encyclopedia/network/ddi-rule-2767
DDI RULE 2768 DLINK Router Dns Changer Exploit - HTTP (Request)
HIGH
2018/11/12DDI RULE 2768/vinfo/cn/threat-encyclopedia/network/ddi-rule-2768
DDI RULE 277 AUTORUN - HTTP (Response) - Variant 2
HIGH
2018/11/12DDI RULE 277/vinfo/cn/threat-encyclopedia/network/ddi-rule-277
DDI RULE 2764 Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response)
MEDIUM
2018/11/08DDI RULE 2764/vinfo/cn/threat-encyclopedia/network/ddi-rule-2764
DDI RULE 2763 Possible CVE-2018-15454 - Cisco ASA and FTD Software DOS - UDP (Response)
LOW
2018/11/07DDI RULE 2763/vinfo/cn/threat-encyclopedia/network/ddi-rule-2763
DDI RULE 2762 CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request)
HIGH
2018/11/06DDI RULE 2762/vinfo/cn/threat-encyclopedia/network/ddi-rule-2762
DDI RULE 2756 Possible ADWIND - Malicious Certificate - HTTPS (Response)
LOW
2018/11/06DDI RULE 2756/vinfo/cn/threat-encyclopedia/network/ddi-rule-2756
DDI RULE 2007 URSNIF - HTTP (Request) - Variant 3
HIGH
2018/11/06DDI RULE 2007/vinfo/cn/threat-encyclopedia/network/ddi-rule-2007
DDI RULE 2759 UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2018/10/30DDI RULE 2759/vinfo/cn/threat-encyclopedia/network/ddi-rule-2759
DDI RULE 2760 DRIDEX - Malicious certificate - SSL - Variant 2
HIGH
2018/10/30DDI RULE 2760/vinfo/cn/threat-encyclopedia/network/ddi-rule-2760
DDI RULE 2761 URSNIF - HTTP (Request) - Variant 6
HIGH
2018/10/30DDI RULE 2761/vinfo/cn/threat-encyclopedia/network/ddi-rule-2761
DDI RULE 2632 GRAVITYRAT - HTTP (Request)
HIGH
2018/10/29DDI RULE 2632/vinfo/cn/threat-encyclopedia/network/ddi-rule-2632
DDI RULE 1170 ANDROMEDA - HTTP (Request)
HIGH
2018/10/25DDI RULE 1170/vinfo/cn/threat-encyclopedia/network/ddi-rule-1170
DDI RULE 2757 ELF File requested from root directory - HTTP (Response)
HIGH
2018/10/22DDI RULE 2757/vinfo/cn/threat-encyclopedia/network/ddi-rule-2757
DDI RULE 2758 GZ File requested from root directory - HTTP (Request)
HIGH
2018/10/22DDI RULE 2758/vinfo/cn/threat-encyclopedia/network/ddi-rule-2758
DDI RULE 2724 CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response)
MEDIUM
2018/10/08DDI RULE 2724/vinfo/cn/threat-encyclopedia/network/ddi-rule-2724
DDI RULE 2726 CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request)
HIGH
2018/10/04DDI RULE 2726/vinfo/cn/threat-encyclopedia/network/ddi-rule-2726
DDI RULE 2754 EnGenius EnShare Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03DDI RULE 2754/vinfo/cn/threat-encyclopedia/network/ddi-rule-2754
DDI RULE 2755 CVE-2017-6884 Zyxel OS Command Injection Exploit - HTTP (Request)
MEDIUM
2018/10/03DDI RULE 2755/vinfo/cn/threat-encyclopedia/network/ddi-rule-2755
DDI RULE 2692 LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03DDI RULE 2692/vinfo/cn/threat-encyclopedia/network/ddi-rule-2692
DDI RULE 2544 JAWS Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/10/03DDI RULE 2544/vinfo/cn/threat-encyclopedia/network/ddi-rule-2544
DDI RULE 2723 MAGNITUDE - Exploit Kit - HTTP (Response)
HIGH
2018/10/02DDI RULE 2723/vinfo/cn/threat-encyclopedia/network/ddi-rule-2723
DDI RULE 2753 FALLOUT - Exploit Kit - HTTP (Request)
MEDIUM
2018/10/01DDI RULE 2753/vinfo/cn/threat-encyclopedia/network/ddi-rule-2753
DDI RULE 2623 Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/10/01DDI RULE 2623/vinfo/cn/threat-encyclopedia/network/ddi-rule-2623
DDI RULE 2736 ANTAK Webshell - HTTP (Request)
MEDIUM
2018/09/27DDI RULE 2736/vinfo/cn/threat-encyclopedia/network/ddi-rule-2736
DDI RULE 2749 Possible IE Exploit - HTTP (Response) - Variant 4
LOW
2018/09/27DDI RULE 2749/vinfo/cn/threat-encyclopedia/network/ddi-rule-2749
DDI RULE 2750 CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/27DDI RULE 2750/vinfo/cn/threat-encyclopedia/network/ddi-rule-2750
DDI RULE 2751 Remote Command Shell - TCP
HIGH
2018/09/27DDI RULE 2751/vinfo/cn/threat-encyclopedia/network/ddi-rule-2751
DDI RULE 2752 Remote PowerShell - TCP
HIGH
2018/09/27DDI RULE 2752/vinfo/cn/threat-encyclopedia/network/ddi-rule-2752
DDI RULE 2734 TUNNA Webshell - HTTP (Request)
LOW
2018/09/24DDI RULE 2734/vinfo/cn/threat-encyclopedia/network/ddi-rule-2734
DDI RULE 2735 TUNNA Webshell - HTTP (Request) - Variant 2
MEDIUM
2018/09/24DDI RULE 2735/vinfo/cn/threat-encyclopedia/network/ddi-rule-2735
DDI RULE 2728 NUUO Command Injection - HTTP (Request)
HIGH
2018/09/17DDI RULE 2728/vinfo/cn/threat-encyclopedia/network/ddi-rule-2728
DDI RULE 2746 BLUEBANANA - TCP (Request)
HIGH
2018/09/13DDI RULE 2746/vinfo/cn/threat-encyclopedia/network/ddi-rule-2746
DDI RULE 2747 IE Exploit - HTTP (Response)
HIGH
2018/09/13DDI RULE 2747/vinfo/cn/threat-encyclopedia/network/ddi-rule-2747
DDI RULE 2748 Possible IE Exploit - HTTP (Response) - Variant 3
LOW
2018/09/13DDI RULE 2748/vinfo/cn/threat-encyclopedia/network/ddi-rule-2748
DDI RULE 2745 CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/09/12DDI RULE 2745/vinfo/cn/threat-encyclopedia/network/ddi-rule-2745
DDI RULE 2732 CVE-2009-3103 - Remote Code Execution - SMB2
HIGH
2018/09/04DDI RULE 2732/vinfo/cn/threat-encyclopedia/network/ddi-rule-2732
DDI RULE 2167 ALFA - Ransomware - HTTP (Request)
HIGH
2018/09/04DDI RULE 2167/vinfo/cn/threat-encyclopedia/network/ddi-rule-2167
DDI RULE 2714 KAIXIN - Exploit Kit - HTTP (Request) - Variant 2
HIGH
2018/09/03DDI RULE 2714/vinfo/cn/threat-encyclopedia/network/ddi-rule-2714
DDI RULE 2730 OMRON FINS TCP Read Controller Attempt NSE - TCP (Request)
LOW
2018/08/30DDI RULE 2730/vinfo/cn/threat-encyclopedia/network/ddi-rule-2730
DDI RULE 475 PALEVO - UDP - Variant 2
MEDIUM
2018/08/30DDI RULE 475/vinfo/cn/threat-encyclopedia/network/ddi-rule-475
DDI RULE 48 Query of a non-trusted domain mail exchanger using the host's DNS A record
LOW
2018/08/30DDI RULE 48/vinfo/cn/threat-encyclopedia/network/ddi-rule-48
DDI RULE 49 Session using standard port - IRC
LOW
2018/08/30DDI RULE 49/vinfo/cn/threat-encyclopedia/network/ddi-rule-49
DDI RULE 5 Executable file name with multiple consecutive spaces
HIGH
2018/08/30DDI RULE 5/vinfo/cn/threat-encyclopedia/network/ddi-rule-5
DDI RULE 50 Host DNS MX record query of a trusted domain
LOW
2018/08/30DDI RULE 50/vinfo/cn/threat-encyclopedia/network/ddi-rule-50
DDI RULE 51 Malware-related subject and executable file - Email
LOW
2018/08/30DDI RULE 51/vinfo/cn/threat-encyclopedia/network/ddi-rule-51
DDI RULE 52 Unregistered mail server - Email
LOW
2018/08/30DDI RULE 52/vinfo/cn/threat-encyclopedia/network/ddi-rule-52
DDI RULE 54 Archive file containing packed executable file - Email
HIGH
2018/08/30DDI RULE 54/vinfo/cn/threat-encyclopedia/network/ddi-rule-54
DDI RULE 542 SYKIPOT - Server certificate - SSL
HIGH
2018/08/30DDI RULE 542/vinfo/cn/threat-encyclopedia/network/ddi-rule-542
DDI RULE 55 File name with multiple consecutive spaces and executable extension
HIGH
2018/08/30DDI RULE 55/vinfo/cn/threat-encyclopedia/network/ddi-rule-55
DDI RULE 2729 Possible IE Exploit - HTTP (Response) - Variant 2
LOW
2018/08/29DDI RULE 2729/vinfo/cn/threat-encyclopedia/network/ddi-rule-2729
DDI RULE 1128 BANLOAD - HTTP (Request)
HIGH
2018/08/29DDI RULE 1128/vinfo/cn/threat-encyclopedia/network/ddi-rule-1128
DDI RULE 1155 BITCOIN - HTTP (Request)
HIGH
2018/08/29DDI RULE 1155/vinfo/cn/threat-encyclopedia/network/ddi-rule-1155
DDI RULE 1663 CRAZYK - HTTP (Request)
HIGH
2018/08/29DDI RULE 1663/vinfo/cn/threat-encyclopedia/network/ddi-rule-1663
DDI RULE 2005 Possible EDELLROOT certificate detected
HIGH
2018/08/29DDI RULE 2005/vinfo/cn/threat-encyclopedia/network/ddi-rule-2005
DDI RULE 2011 UPATRE - HTTP (Request) - Variant 3
HIGH
2018/08/29DDI RULE 2011/vinfo/cn/threat-encyclopedia/network/ddi-rule-2011
DDI RULE 2416 DETOXCRYPTO - Ransomware - HTTP (Request)
HIGH
2018/08/29DDI RULE 2416/vinfo/cn/threat-encyclopedia/network/ddi-rule-2416
DDI RULE 2413 TRICKBOT - HTTP (Request)
HIGH
2018/08/29DDI RULE 2413/vinfo/cn/threat-encyclopedia/network/ddi-rule-2413
DDI RULE 2725 Reverse Meterpreter - HTTP (Response)
HIGH
2018/08/22DDI RULE 2725/vinfo/cn/threat-encyclopedia/network/ddi-rule-2725
DDI RULE 2711 UNDERMINER - Exploit Kit - HTTP (Response)
HIGH
2018/08/22DDI RULE 2711/vinfo/cn/threat-encyclopedia/network/ddi-rule-2711
DDI RULE 2698 APT - WATERHOLE - HTTP (Request) - Variant 2
HIGH
2018/08/22DDI RULE 2698/vinfo/cn/threat-encyclopedia/network/ddi-rule-2698
DDI RULE 2672 CKNIFE - HTTP (Request)
HIGH
2018/08/22DDI RULE 2672/vinfo/cn/threat-encyclopedia/network/ddi-rule-2672
DDI RULE 2676 PHP Webshell - HTTP (Request) - Variant 2
HIGH
2018/08/20DDI RULE 2676/vinfo/cn/threat-encyclopedia/network/ddi-rule-2676
DDI RULE 27 Host DNS Mx record query of a non-trusted domain
LOW
2018/08/20DDI RULE 27/vinfo/cn/threat-encyclopedia/network/ddi-rule-27
DDI RULE 2690 JSPSPY Webshell - HTTP (Request)
HIGH
2018/08/20DDI RULE 2690/vinfo/cn/threat-encyclopedia/network/ddi-rule-2690
DDI RULE 2719 WebScript Injection - HTTP (Request)
MEDIUM
2018/08/13DDI RULE 2719/vinfo/cn/threat-encyclopedia/network/ddi-rule-2719
DDI RULE 2720 CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request)
MEDIUM
2018/08/13DDI RULE 2720/vinfo/cn/threat-encyclopedia/network/ddi-rule-2720
DDI RULE 1460 A privileged user account attempted to log on to the Remote Desktop server during non-working hours
HIGH
2018/08/13DDI RULE 1460/vinfo/cn/threat-encyclopedia/network/ddi-rule-1460
DDI RULE 1552 APT - HAVEX - HTTP (Request)
HIGH
2018/08/13DDI RULE 1552/vinfo/cn/threat-encyclopedia/network/ddi-rule-1552
DDI RULE 1577 APT - PLUGX - HTTP (Request) - Variant 6
HIGH
2018/08/13DDI RULE 1577/vinfo/cn/threat-encyclopedia/network/ddi-rule-1577
DDI RULE 1347 APT - Possible SIMBOT - HTTP (Request) - Variant 3
MEDIUM
2018/08/13DDI RULE 1347/vinfo/cn/threat-encyclopedia/network/ddi-rule-1347
DDI RULE 1415 APT - Possible POISONIVY - TCP (Request)
MEDIUM
2018/08/13DDI RULE 1415/vinfo/cn/threat-encyclopedia/network/ddi-rule-1415
DDI RULE 1583 APT - HCOREPWSTL - HTTP (Request)
HIGH
2018/08/13DDI RULE 1583/vinfo/cn/threat-encyclopedia/network/ddi-rule-1583
DDI RULE 272 AUTORUN - HTTP (Request) - Variant 6
HIGH
2018/08/09DDI RULE 272/vinfo/cn/threat-encyclopedia/network/ddi-rule-272
DDI RULE 2717 KAIXIN - Exploit Kit - HTTP (Request) - Variant 3
HIGH
2018/08/09DDI RULE 2717/vinfo/cn/threat-encyclopedia/network/ddi-rule-2717
DDI RULE 2718 S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request)
LOW
2018/08/09DDI RULE 2718/vinfo/cn/threat-encyclopedia/network/ddi-rule-2718
DDI RULE 2715 MINER CONFIG - HTTP (Response)
HIGH
2018/08/07DDI RULE 2715/vinfo/cn/threat-encyclopedia/network/ddi-rule-2715
DDI RULE 2429 EQUATED - Exploit Attempt - SMB (Response)
HIGH
2018/08/07DDI RULE 2429/vinfo/cn/threat-encyclopedia/network/ddi-rule-2429
DDI RULE 2384 Possible EQUATED - Remote Code Execution - SMB (Request)
LOW
2018/08/07DDI RULE 2384/vinfo/cn/threat-encyclopedia/network/ddi-rule-2384
DDI RULE 2390 EQUATED - SMB (Response)
HIGH
2018/08/07DDI RULE 2390/vinfo/cn/threat-encyclopedia/network/ddi-rule-2390
DDI RULE 1087 APT - FASWIK - TCP (Request)
HIGH
2018/08/06DDI RULE 1087/vinfo/cn/threat-encyclopedia/network/ddi-rule-1087
DDI RULE 1069 APT - Possible GHOSTRAT - TCP
MEDIUM
2018/08/06DDI RULE 1069/vinfo/cn/threat-encyclopedia/network/ddi-rule-1069
DDI RULE 1076 file dropped on a network administrative share
LOW
2018/08/06DDI RULE 1076/vinfo/cn/threat-encyclopedia/network/ddi-rule-1076
DDI RULE 1257 APT - CRIDEX - HTTP (Request) - Variant 3
HIGH
2018/08/06DDI RULE 1257/vinfo/cn/threat-encyclopedia/network/ddi-rule-1257
DDI RULE 1300 APT - FARFLI - HTTP (Request)
HIGH
2018/08/06DDI RULE 1300/vinfo/cn/threat-encyclopedia/network/ddi-rule-1300
DDI RULE 1303 APT - Possible BLYPT - HTTP (Request)
MEDIUM
2018/08/06DDI RULE 1303/vinfo/cn/threat-encyclopedia/network/ddi-rule-1303
DDI RULE 1306 SMB or SMB2 PE file Upload to non-administrative share folder detected
MEDIUM
2018/08/06DDI RULE 1306/vinfo/cn/threat-encyclopedia/network/ddi-rule-1306
DDI RULE 1307 SMB or SMB2 PE file Upload detected
MEDIUM
2018/08/06DDI RULE 1307/vinfo/cn/threat-encyclopedia/network/ddi-rule-1307
DDI RULE 1310 SMB CreateService request detected
LOW
2018/08/06DDI RULE 1310/vinfo/cn/threat-encyclopedia/network/ddi-rule-1310
DDI RULE 1311 SMB DeleteService request detected
LOW
2018/08/06DDI RULE 1311/vinfo/cn/threat-encyclopedia/network/ddi-rule-1311
DDI RULE 1318 File Download From known CNC Server detected
MEDIUM
2018/08/06DDI RULE 1318/vinfo/cn/threat-encyclopedia/network/ddi-rule-1318
DDI RULE 2709 CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response)
HIGH
2018/07/30DDI RULE 2709/vinfo/cn/threat-encyclopedia/network/ddi-rule-2709
DDI RULE 2704 Web Security Testing Tool - HTTP (Request) - Variant 2
HIGH
2018/07/26DDI RULE 2704/vinfo/cn/threat-encyclopedia/network/ddi-rule-2704
DDI RULE 2705 Android Debug Bridge Remote Code Execution - TCP (Request)
HIGH
2018/07/26DDI RULE 2705/vinfo/cn/threat-encyclopedia/network/ddi-rule-2705
DDI RULE 2706 OSTAP - HTTP (Request)
HIGH
2018/07/26DDI RULE 2706/vinfo/cn/threat-encyclopedia/network/ddi-rule-2706
DDI RULE 2707 DLINK Command Injection Exploit - HTTP (Request) - Variant 2
HIGH
2018/07/26DDI RULE 2707/vinfo/cn/threat-encyclopedia/network/ddi-rule-2707
DDI RULE 2708 SENDOOREOF - UDP (Request)
HIGH
2018/07/26DDI RULE 2708/vinfo/cn/threat-encyclopedia/network/ddi-rule-2708
DDI RULE 2629 Possible WEBLOGIC T3 RCE Exploit - TCP (Request)
MEDIUM
2018/07/26DDI RULE 2629/vinfo/cn/threat-encyclopedia/network/ddi-rule-2629
DDI RULE 2626 CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request)
HIGH
2018/07/25DDI RULE 2626/vinfo/cn/threat-encyclopedia/network/ddi-rule-2626
DDI RULE 2702 Host Discovery - UDP (Request)
LOW
2018/07/24DDI RULE 2702/vinfo/cn/threat-encyclopedia/network/ddi-rule-2702
DDI RULE 1242 APT - XTREME - HTTP (Request)
HIGH
2018/07/24DDI RULE 1242/vinfo/cn/threat-encyclopedia/network/ddi-rule-1242
DDI RULE 1245 APT - TROJAN TCP Request
HIGH
2018/07/24DDI RULE 1245/vinfo/cn/threat-encyclopedia/network/ddi-rule-1245
DDI RULE 1174 APT - MALEX - HTTP (Request)
HIGH
2018/07/24DDI RULE 1174/vinfo/cn/threat-encyclopedia/network/ddi-rule-1174
DDI RULE 1021 APT - Possible POISONIVY - TCP (Response) - Variant 2
MEDIUM
2018/07/24DDI RULE 1021/vinfo/cn/threat-encyclopedia/network/ddi-rule-1021
DDI RULE 2701 Possible EMOTET - HTTP (Response) - Variant 3
HIGH
2018/07/18DDI RULE 2701/vinfo/cn/threat-encyclopedia/network/ddi-rule-2701
DDI RULE 2666 CVE-2017-7529 NGINX Integer Overflow Exploit Attempt HTTP (Request)
MEDIUM
2018/07/18DDI RULE 2666/vinfo/cn/threat-encyclopedia/network/ddi-rule-2666
DDI RULE 2700 Possible WEBSHELL - HTTP (Request)
HIGH
2018/07/17DDI RULE 2700/vinfo/cn/threat-encyclopedia/network/ddi-rule-2700
DDI RULE 2699 CVE-2016-10134 - Zabbix SQL Injection - HTTP (Request)
MEDIUM
2018/07/17DDI RULE 2699/vinfo/cn/threat-encyclopedia/network/ddi-rule-2699
DDI RULE 2584 POSGERAT Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 2584/vinfo/cn/threat-encyclopedia/network/ddi-rule-2584
DDI RULE 1885 Possible Data Exfiltration - DNS (Response)
LOW
2018/07/17DDI RULE 1885/vinfo/cn/threat-encyclopedia/network/ddi-rule-1885
DDI RULE 1618 CVE-2014-6271 - Shellshock HTTP Request
HIGH
2018/07/16DDI RULE 1618/vinfo/cn/threat-encyclopedia/network/ddi-rule-1618
DDI RULE 1078 Possible TOR node certificate detected
MEDIUM
2018/07/11DDI RULE 1078/vinfo/cn/threat-encyclopedia/network/ddi-rule-1078
DDI RULE 108 Data-stealing malware
LOW
2018/07/11DDI RULE 108/vinfo/cn/threat-encyclopedia/network/ddi-rule-108
DDI RULE 2694 CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2694/vinfo/cn/threat-encyclopedia/network/ddi-rule-2694
DDI RULE 2695 CVE-2018-3606 TMCM SQL Injection Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2695/vinfo/cn/threat-encyclopedia/network/ddi-rule-2695
DDI RULE 2696 CVE-2018-0296 CISCO ASA Path Traversal Exploit - HTTP (Request)
HIGH
2018/07/11DDI RULE 2696/vinfo/cn/threat-encyclopedia/network/ddi-rule-2696
DDI RULE 2697 NUKESPED - TCP (Response) - Variant 2
MEDIUM
2018/07/11DDI RULE 2697/vinfo/cn/threat-encyclopedia/network/ddi-rule-2697
DDI RULE 2693 CVE-2015-5254 - ActiveMQ Deserialization Vulnerability
HIGH
2018/07/10DDI RULE 2693/vinfo/cn/threat-encyclopedia/network/ddi-rule-2693
DDI RULE 2689 CVE-2016-4438 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/07/03DDI RULE 2689/vinfo/cn/threat-encyclopedia/network/ddi-rule-2689
DDI RULE 1886 Data Exfiltration - DNS (Response)
LOW
2018/07/03DDI RULE 1886/vinfo/cn/threat-encyclopedia/network/ddi-rule-1886
DDI RULE 2349 Possible MIRAI - TCP (Request)
HIGH
2018/07/03DDI RULE 2349/vinfo/cn/threat-encyclopedia/network/ddi-rule-2349
DDI RULE 2507 Unauthorized TESTFR IEC-104 Request
HIGH
2018/06/28DDI RULE 2507/vinfo/cn/threat-encyclopedia/network/ddi-rule-2507
DDI RULE 2508 Unauthorized STARTDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2508/vinfo/cn/threat-encyclopedia/network/ddi-rule-2508
DDI RULE 2509 Unauthorized STOPDT IEC-104 Request
HIGH
2018/06/28DDI RULE 2509/vinfo/cn/threat-encyclopedia/network/ddi-rule-2509
DDI RULE 2510 Non-IEC-104 Communication Request
HIGH
2018/06/28DDI RULE 2510/vinfo/cn/threat-encyclopedia/network/ddi-rule-2510
DDI RULE 2511 IEC104 STOPDT CON - SCADA (Response)
MEDIUM
2018/06/28DDI RULE 2511/vinfo/cn/threat-encyclopedia/network/ddi-rule-2511
DDI RULE 2512 IEC104 STARTDT CON - SCADA (Response)
MEDIUM
2018/06/28DDI RULE 2512/vinfo/cn/threat-encyclopedia/network/ddi-rule-2512
DDI RULE 2529 APT - TURLA - HTTP (Request)
HIGH
2018/06/28DDI RULE 2529/vinfo/cn/threat-encyclopedia/network/ddi-rule-2529
DDI RULE 253 RUSTOCK - HTTP (Request) - Variant 2
HIGH
2018/06/28DDI RULE 253/vinfo/cn/threat-encyclopedia/network/ddi-rule-253
DDI RULE 2687 CVE-2018-7602 - Remote Code Execution - HTTP (Request) - Variant 2
HIGH
2018/06/28DDI RULE 2687/vinfo/cn/threat-encyclopedia/network/ddi-rule-2687
DDI RULE 2685 Possible Host Discovery - ICMP (Response)
HIGH
2018/06/28DDI RULE 2685/vinfo/cn/threat-encyclopedia/network/ddi-rule-2685
DDI RULE 2686 Command Execution - SMB (Request)
HIGH
2018/06/26DDI RULE 2686/vinfo/cn/threat-encyclopedia/network/ddi-rule-2686
DDI RULE 2680 Acunetix Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/26DDI RULE 2680/vinfo/cn/threat-encyclopedia/network/ddi-rule-2680
DDI RULE 2681 DirBuster - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2681/vinfo/cn/threat-encyclopedia/network/ddi-rule-2681
DDI RULE 2682 NMAP - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2682/vinfo/cn/threat-encyclopedia/network/ddi-rule-2682
DDI RULE 2683 W3AF - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2683/vinfo/cn/threat-encyclopedia/network/ddi-rule-2683
DDI RULE 2684 GoLismero - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2684/vinfo/cn/threat-encyclopedia/network/ddi-rule-2684
DDI RULE 2651 JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)
MEDIUM
2018/06/26DDI RULE 2651/vinfo/cn/threat-encyclopedia/network/ddi-rule-2651
DDI RULE 2674 Web Vulnerability Scanner - HTTP (Request)
HIGH
2018/06/25DDI RULE 2674/vinfo/cn/threat-encyclopedia/network/ddi-rule-2674
DDI RULE 2675 Web Vulnerability Scanner - HTTP (Request) - Variant 2
HIGH
2018/06/25DDI RULE 2675/vinfo/cn/threat-encyclopedia/network/ddi-rule-2675
DDI RULE 2668 REGEORG - HTTP (Request)
HIGH
2018/06/25DDI RULE 2668/vinfo/cn/threat-encyclopedia/network/ddi-rule-2668
DDI RULE 2679 CVE-2016-3714 - ImageMagick Command Execution Exploit - HTTP (Request)
MEDIUM
2018/06/25DDI RULE 2679/vinfo/cn/threat-encyclopedia/network/ddi-rule-2679
DDI RULE 2669 APT - DARKHOTEL - HTTP (Request)
HIGH
2018/06/21DDI RULE 2669/vinfo/cn/threat-encyclopedia/network/ddi-rule-2669
DDI RULE 2670 Comprehensive Tool - TDS (Request)
HIGH
2018/06/21DDI RULE 2670/vinfo/cn/threat-encyclopedia/network/ddi-rule-2670
DDI RULE 2671 Vulnerability Scanner - HTTP (Request) - Variant 3
HIGH
2018/06/21DDI RULE 2671/vinfo/cn/threat-encyclopedia/network/ddi-rule-2671
DDI RULE 2673 Earthworm Port Forwarding - TCP (Request)
HIGH
2018/06/21DDI RULE 2673/vinfo/cn/threat-encyclopedia/network/ddi-rule-2673
DDI RULE 2664 CreateService - SMB (Request)
HIGH
2018/06/21DDI RULE 2664/vinfo/cn/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2665 SOFACY - HTTP (Request)
MEDIUM
2018/06/20DDI RULE 2665/vinfo/cn/threat-encyclopedia/network/ddi-rule-2665
DDI RULE 2667 CVE-2018-9995 Authentication Bypass Exploit - HTTP (Request)
HIGH
2018/06/20DDI RULE 2667/vinfo/cn/threat-encyclopedia/network/ddi-rule-2667
DDI RULE 2663 APT - EXFRAM - TCP (Request)
HIGH
2018/06/19DDI RULE 2663/vinfo/cn/threat-encyclopedia/network/ddi-rule-2663
DDI RULE 2417 CVE-2017-7494 - Remote Code Execution - SMB (Request) - Variant 2
MEDIUM
2018/06/19DDI RULE 2417/vinfo/cn/threat-encyclopedia/network/ddi-rule-2417
DDI RULE 2386 C99 PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2386/vinfo/cn/threat-encyclopedia/network/ddi-rule-2386
DDI RULE 2387 DK PHP SHELL - HTTP
HIGH
2018/06/19DDI RULE 2387/vinfo/cn/threat-encyclopedia/network/ddi-rule-2387
DDI RULE 2660 ASP WebShell - HTTP (Request)
HIGH
2018/06/18DDI RULE 2660/vinfo/cn/threat-encyclopedia/network/ddi-rule-2660
DDI RULE 2661 HYTOP2006 ASP WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2661/vinfo/cn/threat-encyclopedia/network/ddi-rule-2661
DDI RULE 2662 PHPSPY WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2662/vinfo/cn/threat-encyclopedia/network/ddi-rule-2662
DDI RULE 2658 Ghost WebShell - HTTP (Request)
MEDIUM
2018/06/18DDI RULE 2658/vinfo/cn/threat-encyclopedia/network/ddi-rule-2658
DDI RULE 2659 PHP WebShell - HTTP (Request) - Variant 2
MEDIUM
2018/06/18DDI RULE 2659/vinfo/cn/threat-encyclopedia/network/ddi-rule-2659
DDI RULE 266 GOZI - HTTP (Request)
HIGH
2018/06/12DDI RULE 266/vinfo/cn/threat-encyclopedia/network/ddi-rule-266
DDI RULE 2655 Possible CVE-2017-9506 Atlassian OAth Proxy Exploit - HTTP (Request)
MEDIUM
2018/06/12DDI RULE 2655/vinfo/cn/threat-encyclopedia/network/ddi-rule-2655
DDI RULE 2656 CVE-2018-1418 - QRADAR Command Injection - HTTP (Request)
HIGH
2018/06/12DDI RULE 2656/vinfo/cn/threat-encyclopedia/network/ddi-rule-2656
DDI RULE 2602 RIG - Exploit Kit - HTTP (Request) - Variant 5
HIGH
2018/06/06DDI RULE 2602/vinfo/cn/threat-encyclopedia/network/ddi-rule-2602
DDI RULE 2653 PHOTOMINER - HTTP (Response)
HIGH
2018/06/05DDI RULE 2653/vinfo/cn/threat-encyclopedia/network/ddi-rule-2653
DDI RULE 2654 Powershell - SMB
MEDIUM
2018/06/05DDI RULE 2654/vinfo/cn/threat-encyclopedia/network/ddi-rule-2654
DDI RULE 2445 Suspicious file rename - SMB2 (Request)
HIGH
2018/06/05DDI RULE 2445/vinfo/cn/threat-encyclopedia/network/ddi-rule-2445
DDI RULE 2652 VPNFILTER - HTTP (Request)
HIGH
2018/06/04DDI RULE 2652/vinfo/cn/threat-encyclopedia/network/ddi-rule-2652
DDI RULE 2649 GRANDSOFT - Exploit Kit - HTTP(Request)
HIGH
2018/05/30DDI RULE 2649/vinfo/cn/threat-encyclopedia/network/ddi-rule-2649
DDI RULE 2650 ANDROM - HTTP (Response)
MEDIUM
2018/05/30DDI RULE 2650/vinfo/cn/threat-encyclopedia/network/ddi-rule-2650
DDI RULE 2624 POWERDNS - DNS (Response)
HIGH
2018/05/30DDI RULE 2624/vinfo/cn/threat-encyclopedia/network/ddi-rule-2624
DDI RULE 2648 CVE-2018-1000136 Electron Node Integration Exploit- HTTP (Request)
HIGH
2018/05/28DDI RULE 2648/vinfo/cn/threat-encyclopedia/network/ddi-rule-2648
DDI RULE 2647 ANDROM - HTTP (Request)
HIGH
2018/05/22DDI RULE 2647/vinfo/cn/threat-encyclopedia/network/ddi-rule-2647
DDI RULE 2641 CVE-2018-1308 Apache Solr Data Import Handler XML Exploit - HTTP (Request)
HIGH
2018/05/21DDI RULE 2641/vinfo/cn/threat-encyclopedia/network/ddi-rule-2641
DDI RULE 2645 CVE-2017-16598 Netgain SNMPWALK IP Directory Traversal Exploit HTTP - (Request)
HIGH
2018/05/21DDI RULE 2645/vinfo/cn/threat-encyclopedia/network/ddi-rule-2645
DDI RULE 2646 CVE-2018-1111 Remote Code Injection Exploit - DHCP (Response)
HIGH
2018/05/21DDI RULE 2646/vinfo/cn/threat-encyclopedia/network/ddi-rule-2646
DDI RULE 2644 Suspicious Access to a bit Domain - DNS (Response)
MEDIUM
2018/05/17DDI RULE 2644/vinfo/cn/threat-encyclopedia/network/ddi-rule-2644
DDI RULE 2072 CVE-2016-3081 - Remote Code Execution - HTTP (Request) - Variant 2
LOW
2018/05/17DDI RULE 2072/vinfo/cn/threat-encyclopedia/network/ddi-rule-2072
DDI RULE 2642 NEGASTEAL - HTTP (Request)
HIGH
2018/05/16DDI RULE 2642/vinfo/cn/threat-encyclopedia/network/ddi-rule-2642
DDI RULE 2643 NECURS - SMB
HIGH
2018/05/16DDI RULE 2643/vinfo/cn/threat-encyclopedia/network/ddi-rule-2643
DDI RULE 2640 CVE-2018-5443 Advantech Webaccess SQL Injection - HTTP (Request)
HIGH
2018/05/15DDI RULE 2640/vinfo/cn/threat-encyclopedia/network/ddi-rule-2640
DDI RULE 2637 CVE-2018-0171 Buffer Overflow - TCP (Request)
MEDIUM
2018/05/09DDI RULE 2637/vinfo/cn/threat-encyclopedia/network/ddi-rule-2637
DDI RULE 2625 UDPOS - DNS (Request)
HIGH
2018/05/09DDI RULE 2625/vinfo/cn/threat-encyclopedia/network/ddi-rule-2625
DDI RULE 2574 CVE-2017-16943 EXIM Remote Code Execution exploit - SMTP (Request)
MEDIUM
2018/05/08DDI RULE 2574/vinfo/cn/threat-encyclopedia/network/ddi-rule-2574
