| 번호 | 날짜 | ID | 시그니처 (Total Ruleset: 27,111개) |
| 26,561 | 2018/09/21 | 2026120 | ET MOBILE_MALWARE Android APT-C-23 (hcttmail .com in TLS SNI); [1] |
| 26,560 | 2018/09/21 | 2026143 | ET MOBILE_MALWARE Android APT-C-23 (heyapp .website in DNS Lookup); [1] |
| 26,559 | 2018/09/21 | 2026132 | ET MOBILE_MALWARE Android APT-C-23 (accaunts-googlc .com in TLS SNI); [1] |
| 26,558 | 2018/09/21 | 2026133 | ET MOBILE_MALWARE Android APT-C-23 (dachfunny .club in DNS Lookup); [1] |
| 26,557 | 2018/09/21 | 2026126 | ET MOBILE_MALWARE Android APT-C-23 (daario-naharis .info in TLS SNI); [1] |
| 26,556 | 2018/09/21 | 2026135 | ET MOBILE_MALWARE Android APT-C-23 (help-sec .club in DNS Lookup); [1] |
| 26,555 | 2018/09/21 | 2026116 | ET MOBILE_MALWARE Android APT-C-23 (1jve .com in TLS SNI); [1] |
| 26,554 | 2018/09/21 | 2026136 | ET MOBILE_MALWARE Android APT-C-23 (help-sec .club in TLS SNI); [1] |
| 26,553 | 2018/09/21 | 2026129 | ET MOBILE_MALWARE Android APT-C-23 (margaery-tyrell .info in DNS Lookup); [1] |
| 26,552 | 2018/09/21 | 2026125 | ET MOBILE_MALWARE Android APT-C-23 (daario-naharis .info in DNS Lookup); [1] |
| 26,551 | 2018/09/21 | 2026115 | ET MOBILE_MALWARE Android APT-C-23 (1jve .com in DNS Lookup); [1] |
| 26,550 | 2018/09/20 | 2026114 | ET MALWARE Luxsoft Win32/ICLoader User-Agent; |
| 26,549 | 2018/09/16 | 2026113 | ET TROJAN [PTsecurity] Win32/Ramnit Stage 0 Communicating with CnC; [1] |
| 26,548 | 2018/09/16 | 2026112 | ET CURRENT_EVENTS Observed Malicious SSL Cert (MageCart Exfil); [1] |
| 26,547 | 2018/09/14 | 2026111 | ET CURRENT_EVENTS Microsoft Tech Support Phone Scam Landing 2018-09-12; |
| 26,546 | 2018/09/14 | 2026110 | ET TROJAN Observed Malicious SSL Cert (MageCart Exfil Domain); [1] |
| 26,545 | 2018/09/13 | 2026109 | ET CURRENT_EVENTS Possible Tor/Noscript JS Bypass; [1] |
| 26,544 | 2018/09/11 | 2026103 | ET EXPLOIT Possible Vacron NVR Remote Command Execution M2; [1,2] |
| 26,543 | 2018/09/11 | 2026108 | ET EXPLOIT NUUO OS Command Injection M2; [1] |
| 26,542 | 2018/09/11 | 2026104 | ET EXPLOIT EnGenius EnShare IoT Gigabit Cloud Service RCE; [1] |
| 26,541 | 2018/09/11 | 2026105 | ET EXPLOIT Zyxel Command Injection RCE (CVE-2017-6884); [1] |
| 26,540 | 2018/09/11 | 2026107 | ET EXPLOIT NUUO OS Command Injection; [1] |
| 26,539 | 2018/09/11 | 2026106 | ET EXPLOIT NetGain Enterprise Manager 7.2.562 Ping Command Injection; [1] |
| 26,538 | 2018/09/11 | 2026102 | ET EXPLOIT Linksys E-Series Device RCE Attempt; [1,2] |
| 26,537 | 2018/09/08 | 2026101 | ET USER_AGENTS MSIL/Peppy User-Agent; |
| 26,536 | 2018/09/07 | 2026097 | ET TROJAN Suspected Monero Miner CnC Channel TXT Lookup; |
| 26,535 | 2018/09/07 | 2026096 | ET EXPLOIT Apache Struts getWriter and opensymphony inbound OGNL injection remote code execution attempt; |
| 26,534 | 2018/09/07 | 2026099 | ET TROJAN Win32/Aura Ransomware CnC Activity; |
| 26,533 | 2018/09/07 | 2026098 | ET TROJAN Suspected Monero Miner CnC Channel Secondary Domain Lookup; |
| 26,532 | 2018/09/07 | 2026091 | ET EXPLOIT Ghostscript setpattern type confusion attempt; [1] |
| 26,531 | 2018/09/07 | 2026075 | ET INFO Inbound PowerShell Checking for Virtual Host (MSAcpi_ThermalZoneTemperature WMI); [1] |
| 26,530 | 2018/09/07 | 2026090 | ET EXPLOIT Ghostscript setpattern type confusion attempt (SMTP); [1] |
| 26,529 | 2018/09/07 | 2026076 | ET INFO Inbound PowerShell Checking for Virtual Host (Win32_PointingDevice WMI); [1] |
| 26,528 | 2018/09/07 | 2026100 | ET USER_AGENTS Aura Ransomware User-Agent; |
| 26,527 | 2018/09/07 | 2026084 | ET EXPLOIT Ghostscript invalidcheck escape attempt (SMTP); [1] |
| 26,526 | 2018/09/07 | 2026086 | ET EXPLOIT Ghostscript illegal read undefinedfilename attempt (SMTP); [1] |
| 26,525 | 2018/09/07 | 2026094 | ET EXPLOIT Apache Struts memberAccess and getWriter inbound OGNL injection remote code execution attempt; |
| 26,524 | 2018/09/07 | 2026078 | ET INFO Inbound PowerShell Checking for Virtual Host (Win32_BaseBoard WMI); [1] |
| 26,523 | 2018/09/07 | 2026073 | ET TROJAN Malicious Mega Chrome Extension Exfil Domain (www .megaopac .host in TLS SNI); [1] |
| 26,522 | 2018/09/07 | 2026081 | ET TROJAN OilRig OopsIE CnC Checkin M2; [1] |
| 26,521 | 2018/09/07 | 2026085 | ET EXPLOIT Ghostscript invalidcheck escape attempt; [1] |
| 26,520 | 2018/09/07 | 2026092 | ET EXPLOIT Ghostscript LockDistillerParams type confusion attempt (SMTP); [1] |
| 26,519 | 2018/09/07 | 2026089 | ET EXPLOIT Ghostscript illegal delete bindnow attempt; [1] |
| 26,518 | 2018/09/07 | 2026077 | ET INFO Inbound PowerShell Checking for Virtual Host (Win32_DiskDevice WMI); [1] |
| 26,517 | 2018/09/07 | 2026080 | ET TROJAN OilRig CnC DNS Lookup (windowspatch .com); [1] |
| 26,516 | 2018/09/07 | 2026083 | ET TROJAN OilRig OopsIE CnC Checkin M4; [1] |
| 26,515 | 2018/09/07 | 2026079 | ET TROJAN OilRig CnC DNS Lookup (defender-update .com); [1] |
| 26,514 | 2018/09/07 | 2026087 | ET EXPLOIT Ghostscript illegal read undefinedfilename attempt; [1] |
| 26,513 | 2018/09/07 | 2026095 | ET EXPLOIT Apache Struts memberAccess and opensymphony inbound OGNL injection remote code execution attempt; |
| 26,512 | 2018/09/07 | 2026088 | ET EXPLOIT Ghostscript illegal delete bindnow attempt (SMTP); [1] |
| < 11 12 13 14 15 16 17 18 19 20 > |