시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
26,4612018/08/25 2026035  ET WEB_SPECIFIC_APPS Apache Struts memberAccess inbound OGNL injection remote code execution attempt;  
26,4602018/08/25 2026031  ET WEB_SPECIFIC_APPS Apache Struts ognl inbound OGNL injection remote code execution attempt;  
26,4592018/08/25 2026029  ET EXPLOIT HP Enterprise VAN SDN Controller Root Command Injection (Linux); [1
26,4582018/08/25 2026036  ET WEB_SPECIFIC_APPS MicroFocus Secure Messaging Gateway SQL Injection; [1
26,4572018/08/25 2026034  ET WEB_SPECIFIC_APPS Apache Struts inbound .getClass OGNL injection remote code execution attempt;  
26,4562018/08/25 2026033  ET WEB_SPECIFIC_APPS Apache Struts java.lang inbound OGNL injection remote code execution attempt;  
26,4552018/08/25 2026024  ET EXPLOIT Apache Struts Possible OGNL Java Exec In URI M2;  
26,4542018/08/25 2026030  ET EXPLOIT HP Enterprise VAN SDN Controller Upload Backdoor 2; [1
26,4532018/08/25 2026022  ET TROJAN MSIL/BISKVIT DNS Lookup (secured-links .org); [1
26,4522018/08/25 2026028  ET EXPLOIT HP Enterprise VAN SDN Controller Root Command Injection (Unix); [1
26,4512018/08/23 2026011  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3; [1
26,4502018/08/23 2026004  ET TROJAN [PTsecurity] Remcos RAT Checkin 26;  
26,4492018/08/23 2026014  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6; [1
26,4482018/08/23 2026012  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4; [1
26,4472018/08/23 2026005  ET SCADA SEIG Modbus 3.4 - Remote Code Execution; [1
26,4462018/08/23 2026008  ET SCAN Geutebrueck re_porter 7.8.974.20 Information Disclosure; [1
26,4452018/08/23 2026015  ET SCAN Hikvision IP Camera 5.4.0 Information Disclosure; [1
26,4442018/08/23 2026013  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5; [1
26,4432018/08/23 2026010  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2; [1
26,4422018/08/23 2026009  ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1; [1
26,4412018/08/23 2026006  ET CURRENT_EVENTS Successful Generic Phish Phish 2018-08-21;  
26,4402018/08/23 2026007  ET TROJAN [PTsecurity] MSIL/Biskvit.A Check-in; [1
26,4392018/08/23 2026003  ET SCADA SEIG SYSTEM 9 - Remote Code Execution; [1
26,4382018/08/21 2026002  ET TROJAN [PTsecurity] Tinba (Banking Trojan) Check-in;  
26,4372018/08/21 2025999  ET TROJAN Panda Banker Injects Domain (urimchi3dt4 .website in DNS Lookup); [1
26,4362018/08/21 2025996  ET TROJAN Observed Malicious SSL Cert (Panda Banker Injects); [1
26,4352018/08/21 2025997  ET TROJAN Panda Banker C2 Domain (uiaoduiiej .chimkent .su in DNS Lookup); [1
26,4342018/08/21 2025995  ET TROJAN Observed Malicious SSL Cert (Panda Banker C2); [1
26,4332018/08/21 2026001  ET TROJAN [PTsecurity] Tinba (Banking Trojan) HTTP Header;  
26,4322018/08/21 2026000  ET TROJAN Panda Banker Injects Domain (urimchi3dt4 .website in TLS SNI); [1
26,4312018/08/21 2025998  ET TROJAN Panda Banker C2 Domain (uiaoduiiej .chimkent .su in TLS SNI); [1
26,4302018/08/17 2025994  ET TROJAN [PTsecurity] Win32/Spy.Agent.PMJ (MICROPSIA);  
26,4292018/08/16 2025992  ET EXPLOIT Possible ETERNALBLUE Probe MS17-010 (Generic Flags); [1
26,4282018/08/16 2025993  ET TROJAN Sharik/Smoke CnC Beacon 11;  
26,4272018/08/16 2025991  ET TROJAN Lazarus Downloader (JEUSD) CnC Beacon; [1
26,4262018/08/16 2025990  ET TROJAN SSL Cert Associated with Lazarus Downloader (JEUSD); [1
26,4252018/08/15 2025988  ET MOBILE_MALWARE Trojan-Spy.AndroidOS.CrazyMango.a CnC Beacon; [1
26,4242018/08/15 2025987  ET MOBILE_MALWARE Trojan-Spy.AndroidOS.CrazyMango.a Checkin; [1
26,4232018/08/15 2025989  ET MOBILE_MALWARE Trojan-Spy.AndroidOS.CrazyMango.a Checkin 2; [1
26,4222018/08/15 2025985  ET INFO Adobe PDX in HTTP Flowbit Set;  
26,4212018/08/15 2025986  ET INFO MP3 with ID3 in HTTP Flowbit Set;  
26,4202018/08/11 2025983  ET EXPLOIT SMB Null Pointer Dereference PoC Inbound (CVE-2018-0833); [1
26,4192018/08/11 2025984  ET TROJAN [eSentire] Remcos RAT Checkin 25;  
26,4182018/08/10 2025982  ET TROJAN MSIL/Eredel Stealer CnC Checkin;  
26,4172018/08/09 2025974  ET CURRENT_EVENTS Microsoft Account Phishing Landing 2018-08-07;  
26,4162018/08/09 2025980  ET POLICY TRR DNS over HTTPS detected; [1
26,4152018/08/09 2025977  ET CURRENT_EVENTS Adobe Phishing Landing 2018-08-07;  
26,4142018/08/09 2025979  ET CURRENT_EVENTS Alibaba Phishing Landing 2018-08-07;  
26,4132018/08/09 2025981  ET CURRENT_EVENTS Microsoft Phishing Landing 2018-08-07;  
26,4122018/08/09 2025978  ET CURRENT_EVENTS Microsoft Ajax Phishing Landing 2018-08-07;  
< 11  12  13  14  15  16  17  18  19  20 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.