Ruleset Update Summary - 2025/01/08 - v10832

Ruleset Updates
1

Summary:

0 new OPEN, 0 new PRO (0 + 0)

Modified inactive rules:

  • 2001990 - ET EXPLOIT JamMail Jammail.pl Remote Command Execution Attempt (exploit.rules)
  • 2002724 - ET ACTIVEX MciWndx ActiveX Control (activex.rules)
  • 2002861 - ET ACTIVEX Danim.dll and Dxtmsft.dll COM Objects (activex.rules)
  • 2003102 - ET ACTIVEX Microsoft Multimedia Controls - ActiveX control’s spline function call CLSID (activex.rules)
  • 2003103 - ET ACTIVEX Microsoft Multimedia Controls - ActiveX control’s spline function call Object (activex.rules)
  • 2003105 - ET ACTIVEX Microsoft Multimedia Controls - ActiveX control’s KeyFrame function call Object (activex.rules)
  • 2003145 - ET EXPLOIT Novell HttpStk Remote Code Execution Attempt /nds (exploit.rules)
  • 2003146 - ET EXPLOIT Novell HttpStk Remote Code Execution Attempt /dhost (exploit.rules)
  • 2003147 - ET EXPLOIT Novell HttpStk Remote Code Execution Attempt /dhost (linewrap) (exploit.rules)
  • 2003148 - ET EXPLOIT Novell HttpStk Remote Code Execution Attempt /nds (linewrap) (exploit.rules)
  • 2003158 - ET ACTIVEX Microsoft WMIScriptUtils.WMIObjectBroker object call CSLID (activex.rules)
  • 2003159 - ET ACTIVEX Microsoft VsmIDE.DTE object call CSLID (activex.rules)
  • 2003160 - ET ACTIVEX Microsoft DExplore.AppObj.8.0 object call CSLID (activex.rules)
  • 2003161 - ET ACTIVEX Microsoft VisualStudio.DTE.8.0 object call CSLID (activex.rules)
  • 2003162 - ET ACTIVEX Microsoft Microsoft.DbgClr.DTE.8.0 object call CSLID (activex.rules)
  • 2003163 - ET ACTIVEX Microsoft VsaIDE.DTE object call CSLID (activex.rules)
  • 2003164 - ET ACTIVEX Microsoft Business Object Factory object call CSLID (activex.rules)
  • 2003165 - ET ACTIVEX Microsoft Outlook Data Object object call CSLID (activex.rules)
  • 2003166 - ET ACTIVEX Microsoft Outlook.Application object call CSLID (activex.rules)
  • 2003332 - ET EXPLOIT GuppY error.php POST Arbitrary Remote Code Execution (exploit.rules)
  • 2007852 - ET ACTIVEX Gateway Weblaunch2.ocx ActiveX Control Insecure Method Exploit (activex.rules)
  • 2007853 - ET ACTIVEX ImageShack Toolbar ImageShackToolbar.dll ActiveX Control Insecure Method Vulnerability (activex.rules)
  • 2007932 - ET ACTIVEX Symantec BackupExec Calendar Control (PVCalendar.ocx) BoF Vulnerability (activex.rules)
  • 2007998 - ET ACTIVEX Rediff Bol Downloader ActiveX Control Remote Code Execution (activex.rules)
  • 2008062 - ET ACTIVEX Universal HTTP File Upload Remote File Deletetion (activex.rules)
  • 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (activex.rules)
  • 2008128 - ET ACTIVEX Tumbleweed SecureTransport FileTransfer ActiveX BOF Exploit (activex.rules)
  • 2008129 - ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite (activex.rules)
  • 2008173 - ET ACTIVEX PPStream PowerPlayer.DLL ActiveX Control BoF Vulnerability (activex.rules)
  • 2008226 - ET ACTIVEX Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit (activex.rules)
  • 2008607 - ET ACTIVEX Chilkat IMAP ActiveX File Execution and IE DoS (activex.rules)
  • 2008612 - ET ACTIVEX Autodesk Design Review DWF Viewer ActiveX Control SaveAs Insecure Method (activex.rules)
  • 2008613 - ET ACTIVEX GdPicture Pro ActiveX control SaveAsPDF Insecure Method (activex.rules)
  • 2008618 - ET ACTIVEX IAS Helper COM Component iashlpr.dll activex remote DOS (activex.rules)
  • 2008620 - ET ACTIVEX Internet Information Service iisext.dll activex setpassword Insecure Method (activex.rules)
  • 2008621 - ET ACTIVEX Internet Information Service adsiis.dll activex remote DOS (activex.rules)
  • 2008673 - ET ACTIVEX Microsoft PicturePusher ActiveX Cross Site File Upload Attack (activex.rules)
  • 2008678 - ET ACTIVEX Hummingbird Deployment Wizard 2008 ActiveX Insecure Methods (activex.rules)
  • 2008792 - ET ACTIVEX Microsoft DebugDiag CrashHangExt.dll ActiveX Control Remote Denial of Service (activex.rules)
  • 2008809 - ET ACTIVEX MW6 Technologies Barcode ActiveX Barcode.dll Multiple Arbitrary File Overwrite (activex.rules)
  • 2008810 - ET ACTIVEX MW6 PDF417 MW6PDF417.dll ActiveX Control Multiple Arbitrary File Overwrite (activex.rules)
  • 2008811 - ET ACTIVEX MW6 DataMatrix DataMatrix.dll ActiveX Control Multiple Arbitrary File Overwrite (activex.rules)
  • 2008812 - ET ACTIVEX MW6 Aztec ActiveX Aztec.dll ActiveX Control Multiple Arbitrary File Overwrite (activex.rules)
  • 2008814 - ET ACTIVEX Chilkat Crypt ActiveX Component WriteFile Insecure Method (activex.rules)
  • 2008870 - ET ACTIVEX Chilkat Socket ACTIVEX Remote Arbitrary File Creation (activex.rules)
  • 2008887 - ET ACTIVEX Microsoft XML Core Services DTD Cross Domain Information Disclosure clsid (activex.rules)
  • 2008895 - ET ACTIVEX Visagesoft eXPert PDF EditorX ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009046 - ET ACTIVEX Chilkat Socket Activex Remote Arbitrary File Overwrite 1 (activex.rules)
  • 2009063 - ET ACTIVEX Easy Grid ActiveX Multiple Arbitrary File Overwrite (activex.rules)
  • 2009064 - ET ACTIVEX Ciansoft PDFBuilderX Control ActiveX Arbitrary File Overwrite (activex.rules)
  • 2009102 - ET ACTIVEX Easy Grid ActiveX Multiple Arbitrary File Overwrite (activex.rules)
  • 2009104 - ET ACTIVEX MetaProducts MetaTreeX ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009115 - ET ACTIVEX JamDTA ActiveX Control SaveToFile Arbitrary File Overwrite (activex.rules)
  • 2009120 - ET ACTIVEX FlexCell Grid ActiveX Multiple Arbitrary File Overwrite (activex.rules)
  • 2009121 - ET ACTIVEX NCTsoft NCTAudioFile2 ActiveX Control NCTWMAFILE2.DLL Arbitrary File Overwrite (activex.rules)
  • 2009136 - ET ACTIVEX Web on Windows ActiveX Insecure Methods (activex.rules)
  • 2009160 - ET ACTIVEX GeoVision LiveX_v8200 ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009161 - ET ACTIVEX GeoVision LiveX_v7000 ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009162 - ET ACTIVEX GeoVision LiveX_v8120 ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009184 - ET ACTIVEX FathFTP ActiveX DeleteFile Arbitrary File Deletion (activex.rules)
  • 2009187 - ET ACTIVEX iDefense COMRaider ActiveX Control Arbitrary File Deletion (activex.rules)
  • 2009226 - ET ACTIVEX Sopcast SopCore ActiveX Control Remote Code Execution (activex.rules)
  • 2009314 - ET ACTIVEX Orbit Downloader ActiveX Control Arbitrary File Delete (activex.rules)
  • 2009315 - ET ACTIVEX PrecisionID Datamatrix ActiveX control Arbitrary File Overwrite (activex.rules)
  • 2009322 - ET ACTIVEX SupportSoft DNA Editor Module ActiveX Control Insecure Method Remote Code Execution (activex.rules)
  • 2009328 - ET ACTIVEX GeoVision LiveAudio ActiveX Control Remote Code Execution (activex.rules)
  • 2009334 - ET ACTIVEX Morovia Barcode ActiveX Control Arbitrary File Overwrite (activex.rules)
  • 2009373 - ET ACTIVEX Symantec Norton Ghost EasySetupInt.dll ActiveX Multiple Remote Denial of Service (activex.rules)
  • 2009400 - ET ACTIVEX Microsoft Communications Control Clsid Access (activex.rules)
  • 2009401 - ET ACTIVEX Microgaming FlashXControl Control Clsid Access (activex.rules)
  • 2009402 - ET ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) (activex.rules)
  • 2009403 - ET ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) (activex.rules)
  • 2009404 - ET ACTIVEX HP Virtual Rooms Control Clsid Access (activex.rules)
  • 2009411 - ET ACTIVEX McAfee ePolicy Orchestrator naPolicyManager.dll Arbitrary Data Write Attempt (activex.rules)
  • 2009598 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (29) (activex.rules)
  • 2009599 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (30) (activex.rules)
  • 2009600 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (31) (activex.rules)
  • 2009601 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (32) (activex.rules)
  • 2009602 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (33) (activex.rules)
  • 2009603 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (34) (activex.rules)
  • 2009604 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (35) (activex.rules)
  • 2009606 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (37) (activex.rules)
  • 2009607 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (38) (activex.rules)
  • 2009609 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (40) (activex.rules)
  • 2009617 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (4) (activex.rules)
  • 2009618 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (5) (activex.rules)
  • 2009619 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (6) (activex.rules)
  • 2009620 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (7) (activex.rules)
  • 2009621 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (8) (activex.rules)
  • 2009622 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (9) (activex.rules)
  • 2009623 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (10) (activex.rules)
  • 2009624 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (11) (activex.rules)
  • 2009625 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (12) (activex.rules)
  • 2009626 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (13) (activex.rules)
  • 2009627 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (14) (activex.rules)
  • 2009628 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (15) (activex.rules)
  • 2009629 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (16) (activex.rules)
  • 2009630 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (17) (activex.rules)
  • 2009631 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (18) (activex.rules)
  • 2009632 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (19) (activex.rules)
  • 2009633 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (20) (activex.rules)
  • 2009634 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (21) (activex.rules)
  • 2009635 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (22) (activex.rules)
  • 2009636 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (23) (activex.rules)
  • 2009638 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (24) (activex.rules)
  • 2009639 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (25) (activex.rules)
  • 2009640 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (26) (activex.rules)
  • 2009641 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (27) (activex.rules)
  • 2009642 - ET ACTIVEX Vulnerable Microsoft Video ActiveX CLSID access (28) (activex.rules)
  • 2010029 - ET ACTIVEX PDFZilla 1.0.8 ActiveX DebugMsgLog method DOS CLSid Access (activex.rules)
  • 2010154 - ET ACTIVEX EMC Captiva PixTools ActiveX Arbitrary File Creation/Overwrite function call Attempt (activex.rules)
  • 2010155 - ET ACTIVEX EMC Captiva PixTools ActiveX Arbitrary File Creation/Overwrite function call Attempt (activex.rules)
  • 2010190 - ET ACTIVEX Altirix eXpress NS SC ActiveX Arbitrary Code Execution Function Call (activex.rules)
  • 2010253 - ET ACTIVEX EasyMail Quicksoft ActiveX Control Remote code excution clsid access attempt (activex.rules)
  • 2010257 - ET ACTIVEX Installshiled 2009 premier ActiveX File Overwrite Function Call (activex.rules)
  • 2010258 - ET ACTIVEX Installshiled 2009 premier ActiveX File Overwrite clsid Access (activex.rules)
  • 2010277 - ET ACTIVEX EasyMail Quicksoft ActiveX CreateStore method Remote code excution clsid access (activex.rules)
  • 2010278 - ET ACTIVEX EasyMail ActiveX AddAttachment method Remote code excution clsid access attempt (activex.rules)
  • 2010279 - ET ACTIVEX InstanGet v2.08 Activex Control DOS clsid access attempt (activex.rules)
  • 2010280 - ET ACTIVEX Charm Real Converter pro 6.6 Activex Control DOS clsid access attempt (activex.rules)
  • 2010356 - ET ACTIVEX NCTAVIFile V 1.6.2 Activex File Creation clsid access attempt (activex.rules)
  • 2010357 - ET ACTIVEX NCTAVIFile V 1.6.2 ActiveX File Creation Function call attempt (activex.rules)
  • 2010358 - ET ACTIVEX Macrovision FLEXnet Connect ActiveX Control Arbitrary File Download (activex.rules)
  • 2010363 - ET ACTIVEX Orca Browser 1.1 Activex Command Execution clsid access attempt (activex.rules)
  • 2010364 - ET ACTIVEX Orca Browser 1.1 ActiveX Command Execution Function call attempt (activex.rules)
  • 2010365 - ET ACTIVEX ProgramChecker 1.5 Activex Command Execution clsid access attempt (activex.rules)
  • 2010366 - ET ACTIVEX ProgramChecker 1.5 ActiveX Command Execution Function call attempt (activex.rules)
  • 2010367 - ET ACTIVEX Gom Player V 2.1.16 Activex Command Execution clsid access attempt (activex.rules)
  • 2010368 - ET ACTIVEX Gom Player V 2.1.16 ActiveX Command Execution Function call attempt (activex.rules)
  • 2010456 - ET ACTIVEX SonicWALL SSL VPN Client Remote ActiveX AddRouteEntry Attempt (activex.rules)
  • 2010835 - ET ACTIVEX Windows Defender ActiveX DeleteValue method Remote Code Execution Function Call (activex.rules)
  • 2010837 - ET ACTIVEX Windows Defender ActiveX WriteValue method Remote Code Execution Function Call (activex.rules)
  • 2010930 - ET ACTIVEX Foxit Reader ActiveX OpenFile method Remote Code Execution Function Call (activex.rules)
  • 2010957 - ET ACTIVEX SAP GUI SAPBExCommonResources ActiveX Insecure Method Code Execution Attempt (activex.rules)
  • 2010978 - ET ACTIVEX IE ActiveX control Exec method Remote code execution Attempt (activex.rules)
  • 2010986 - ET ACTIVEX AOLShare ActiveX AppString method denial of service Attempt (activex.rules)
  • 2010987 - ET ACTIVEX AOLShare ActiveX AppString method denial of service Function Call (activex.rules)
  • 2011173 - ET ACTIVEX Windows Help Center Arbitrary Command Execution Exploit Attempt (activex.rules)
  • 2011213 - ET ACTIVEX Consona Products SdcUser.TgConCtl ActiveX Control BOF Function Call (activex.rules)
  • 2011412 - ET ACTIVEX Apple QuickTime _Marshaled_pUnk Backdoor Param Arbitrary Code Execution Attempt (activex.rules)
  • 2012095 - ET ACTIVEX J-Integra Remote Code Execution (activex.rules)
  • 2012145 - ET ACTIVEX Netcraft Toolbar Remote Code Execution (activex.rules)
  • 2012146 - ET ACTIVEX ImageShack Toolbar Remote Code Execution (activex.rules)
  • 2012154 - ET EXPLOIT Wireshark ENTTEC DMX Data Processing Code Execution Attempt 1 (exploit.rules)
  • 2012192 - ET ACTIVEX NewV SmartClient NewvCommon.ocx DelFile Method Arbitrary File Deletion Attempt (activex.rules)
  • 2012194 - ET ACTIVEX Real Networks RealPlayer SP RecordClip Method Remote Code Execution Attempt (activex.rules)
  • 2012231 - ET ACTIVEX Oracle Document Capture Insecure Read Method File Access Attempt (activex.rules)
  • 2012232 - ET ACTIVEX Oracle Document Capture File Deletion Attempt (activex.rules)
  • 2012233 - ET ACTIVEX Oracle Document Capture File Overwrite Attempt (activex.rules)
  • 2012543 - ET ACTIVEX RealPlayer CDDA URI Overflow Uninitialized Pointer Attempt (activex.rules)
  • 2012636 - ET ACTIVEX RealNetworks RealGames StubbyUtil.ProcessMgr.1 InstallerDlg.dll Remote Command Execution Attempt (activex.rules)
  • 2012637 - ET ACTIVEX RealNetworks RealGames StubbyUtil.ProcessMgr.1 InstallerDlg.dll Remote Command Execution Attempt (activex.rules)
  • 2012638 - ET ACTIVEX RealNetworks RealGames StubbyUtil.ShellCtl.1 InstallerDlg.dll Remote Command Execution Attempt (activex.rules)
  • 2012639 - ET ACTIVEX RealNetworks RealGames StubbyUtil.ShellCtl.1 InstallerDlg.dll Remote Command Execution Attempt (activex.rules)
  • 2012640 - ET ACTIVEX RealNetworks RealGames StubbyUtil.ShellCtl.1 InstallerDlg.dll Remote Command Execution Attempt (activex.rules)
  • 2012929 - ET ACTIVEX Cisco AnyConnect VPN Secure Mobility Client Arbitrary Program Execution Attempt (activex.rules)
  • 2013069 - ET WEB_CLIENT Adobe Shockwave rcsL Chunk Remote Code Execution Attempt (web_client.rules)
  • 2013130 - ET ACTIVEX Black Ice Cover Page SDK DownloadImageFileURL Method Exploit (activex.rules)
  • 2013131 - ET ACTIVEX Black Ice Fax Voice SDK GetItemQueue Method Remote Code Execution Exploit (activex.rules)
  • 2013132 - ET ACTIVEX Black Ice Fax Voice SDK GetFirstItem Method Remote Code Execution Exploit (activex.rules)
  • 2014422 - ET ACTIVEX 2X Client for RDP ClientSystem Class ActiveX Control InstallClient Download and Execute (activex.rules)
  • 2023508 - ET MOBILE_MALWARE Android.Trojan.HiddenApp.OU Checkin 2 (mobile_malware.rules)
  • 2023509 - ET MOBILE_MALWARE Android.Trojan.HiddenApp.OU SSL CnC Cert (mobile_malware.rules)
  • 2100208 - GPL POLICY MISC Tunneling IP over DNS with NSTX (policy.rules)
  • 2100268 - GPL DOS Jolt attack (dos.rules)
  • 2100272 - GPL DOS IGMP dos attack (dos.rules)
  • 2100524 - GPL POLICY tcp port 0 traffic (policy.rules)
  • 2100525 - GPL POLICY udp port 0 traffic (policy.rules)
  • 2100560 - GPL POLICY VNC server response (policy.rules)
  • 2100615 - GPL POLICY SOCKS Proxy attempt (policy.rules)
  • 2101200 - GPL ATTACK_RESPONSE Invalid URL (attack_response.rules)
  • 2101292 - GPL ATTACK_RESPONSE directory listing (attack_response.rules)
  • 2101437 - GPL POLICY Windows Media download (policy.rules)
  • 2101438 - GPL POLICY Windows Media Video download (policy.rules)
  • 2101620 - GPL POLICY TRAFFIC Non-Standard IP protocol (policy.rules)
  • 2101735 - GPL WEB_CLIENT XMLHttpRequest attempt (web_client.rules)
  • 2101840 - GPL WEB_CLIENT Javascript document.domain attempt (web_client.rules)
  • 2101846 - GPL POLICY vncviewer Java applet download attempt (policy.rules)
  • 2101882 - GPL ATTACK_RESPONSE id check returned userid (attack_response.rules)
  • 2101885 - GPL ATTACK_RESPONSE id check returned http (attack_response.rules)
  • 2102044 - GPL POLICY PPTP Start Control Request attempt (policy.rules)
  • 2102437 - GPL WEB_CLIENT RealPlayer arbitrary javascript command attempt (web_client.rules)
  • 2102485 - GPL ACTIVEX Norton antivirus sysmspam.dll load attempt (activex.rules)
  • 2102577 - GPL WEB_CLIENT local resource redirection attempt (web_client.rules)
  • 2102925 - GPL WEB_CLIENT web bug 0x0 gif attempt (web_client.rules)
  • 2103079 - GPL WEB_CLIENT Microsoft ANI file parsing overflow (web_client.rules)
  • 2103132 - GPL WEB_CLIENT PNG large image width download attempt (web_client.rules)
  • 2103133 - GPL WEB_CLIENT PNG large image height download attempt (web_client.rules)
  • 2103134 - GPL WEB_CLIENT PNG large colour depth download attempt (web_client.rules)
  • 2103148 - GPL ACTIVEX winhelp clsid attempt (activex.rules)
  • 2800028 - ETPRO EXPLOIT MySQL CREATE FUNCTION libc Arbitrary Code Execution (exploit.rules)
  • 2800036 - ETPRO DOS Multiple Vendor ICMP Source Quench Denial of Service (dos.rules)
  • 2800074 - ETPRO WEB_CLIENT Microsoft Visio Version Number Handling Code Execution Vulnerability (web_client.rules)
  • 2800240 - ETPRO WEB_CLIENT Microsoft DirectX SAMI File Parsing Code Execution (web_client.rules)
  • 2800242 - ETPRO WEB_CLIENT Microsoft DirectX WAV and AVI File Parsing Code Execution (web_client.rules)
  • 2800268 - ETPRO EXPLOIT Microsoft Windows Kernel IGMPv3 and MLDv2 Request Processing Code Execution (exploit.rules)
  • 2800306 - ETPRO WEB_CLIENT Microsoft Excel File Importing Code Execution (web_client.rules)
  • 2800308 - ETPRO WEB_CLIENT Microsoft Excel File Importing Code Execution (web_client.rules)
  • 2800340 - ETPRO WEB_CLIENT Microsoft Internet Explorer Print Preview Handling Command Execution 1 (web_client.rules)
  • 2800341 - ETPRO WEB_CLIENT Microsoft Internet Explorer Print Preview Handling Command Execution 2 (web_client.rules)
  • 2800371 - ETPRO EXPLOIT Multiple Vendors CUPS HPGL Filter Remote Code Execution 1 (exploit.rules)
  • 2800372 - ETPRO EXPLOIT Multiple Vendors CUPS HPGL Filter Remote Code Execution 2 (exploit.rules)
  • 2800400 - ETPRO WEB_CLIENT Adobe Flash Player for Linux ActionScript ASnative Command Execution (web_client.rules)
  • 2800444 - ETPRO DOS IBM DB2 Database Server CONNECT Request Denial of Service (dos.rules)
  • 2800445 - ETPRO DOS IBM DB2 Database Server Invalid Data Stream Denial of Service (Published Exploit) (dos.rules)
  • 2800464 - ETPRO EXPLOIT Symantec Alert Management System Intel File Transfer Service Arbitrary Program Execution (exploit.rules)
  • 2800489 - ETPRO DOS Squid Proxy Invalid HTTP Response Status Code Denial of Service (dos.rules)
  • 2800491 - ETPRO DOS Firebird SQL op_connect_request Denial of Service (dos.rules)
  • 2800499 - ETPRO DOS FreeRADIUS RADIUS Server rad_decode Remote Denial of Service (dos.rules)
  • 2800525 - ETPRO DOS EMC RepliStor rep_srv and ctrlservice Denial of Service 1 (dos.rules)
  • 2800526 - ETPRO DOS EMC RepliStor rep_srv and ctrlservice Denial of Service 2 (dos.rules)
  • 2800534 - ETPRO DOS Multiple Vendors NTP Mode 7 Denial of Service (dos.rules)
  • 2800550 - ETPRO EXPLOIT IBM Cognos Server Backdoor Account Remote Code Execution (exploit.rules)
  • 2800551 - ETPRO EXPLOIT Novell ZENworks Configuration Management Preboot Service Code Execution (exploit.rules)
  • 2800554 - ETPRO DOS Microsoft Windows SMTP Service MX Record Denial Of Service (dos.rules)
  • 2800563 - ETPRO EXPLOIT HP OpenView Network Node Manager ovet_demandpoll.exe Format String Code Execution (exploit.rules)
  • 2800571 - ETPRO DOS ISC DHCP Server Zero Length Client ID Denial of Service (dos.rules)
  • 2800585 - ETPRO EXPLOIT Symantec Alert Management System HNDLRSVC Arbitrary Command Execution (exploit.rules)
  • 2800611 - ETPRO EXPLOIT Windows Oracle Application Server Forms Arbitrary System Command Execution (exploit.rules)
  • 2800635 - ETPRO DOS CA eTrust Intrusion Detection Encryption Key Handling Denial of Service (dos.rules)
  • 2800636 - ETPRO DOS CA eTrust Intrusion Detection Encryption Key Handling Denial of Service - 2 (dos.rules)
  • 2800637 - ETPRO DOS Microsoft Windows NAT Helper DNS Query Denial of Service (dos.rules)
  • 2800658 - ETPRO DOS Oracle Internet Directory Pre-Authentication LDAP Denial of Service Attempt (dos.rules)
  • 2800659 - ETPRO DOS OpenLDAP ber_get_next BER Decoding Denial of Service Attempt (dos.rules)
  • 2800663 - ETPRO WEB_CLIENT IBM Lotus Expeditor cai URI Handler Command Execution (web_client.rules)
  • 2800694 - ETPRO EXPLOIT Microsoft Excel Embedded Shockwave Flash Object Code Execution (exploit.rules)
  • 2800728 - ETPRO DOS Squid Proxy FTP URI Processing Denial of Service (dos.rules)
  • 2800799 - ETPRO DOS OpenLDAP Modrdn RDN NULL String Denial of Service Attempt (dos.rules)
  • 2800821 - ETPRO EXPLOIT OpenLDAP Modrdn RDN UTF-8 String Code Execution (exploit.rules)
  • 2800845 - ETPRO WEB_CLIENT RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution (web_client.rules)
  • 2800857 - ETPRO DOS Squid Proxy String Processing NULL Pointer Dereference Vulnerability (dos.rules)
  • 2800878 - ETPRO WEB_CLIENT Microsoft Windows Media Player Network Sharing Service RTSP Code Execution (web_client.rules)
  • 2800918 - ETPRO EXPLOIT Novell GroupWise Agents HTTP Request Remote Code Execution (exploit.rules)
  • 2800934 - ETPRO EXPLOIT Novell GroupWise Agents HTTP 7100 Request Remote Code Execution (exploit.rules)
  • 2800935 - ETPRO EXPLOIT Novell GroupWise Agents HTTP 7101 Request Remote Code Execution (exploit.rules)
  • 2800938 - ETPRO EXPLOIT Novell GroupWise Agents HTTP 7100 Request Remote Code Execution (exploit.rules)
  • 2800939 - ETPRO EXPLOIT Novell GroupWise Agents HTTP 7101 Request Remote Code Execution (exploit.rules)
  • 2801212 - ETPRO DOS iCal Null pointer de-reference Count Variable (dos.rules)
  • 2801213 - ETPRO DOS iCal Null pointer de-reference Trigger Variable (dos.rules)
  • 2801214 - ETPRO DOS iCal improper resource liberation (dos.rules)
  • 2801241 - ETPRO DOS HP Data Protector Manager RDS Denial of Service (dos.rules)
  • 2801244 - ETPRO EXPLOIT CA ARCserve D2D Axis2 Default Credentials Remote Code Execution (exploit.rules)
  • 2801257 - ETPRO EXPLOIT Microsoft Sharepoint Document Conversions Launcher Code Execution (exploit.rules)
  • 2801279 - ETPRO EXPLOIT HP OpenView Network Node Manager nnmRptConfig.exe Template Format String Code Execution (exploit.rules)
  • 2801321 - ETPRO WEB_CLIENT MHTML Attempted Script Execution (CVE-2011-0096) (web_client.rules)
  • 2801344 - ETPRO EXPLOIT HP OpenView Performance Insight Server Backdoor Account Code Execution (exploit.rules)
  • 2801345 - ETPRO EXPLOIT HP OpenView Performance Insight Server Backdoor Account Code Execution (exploit.rules)
  • 2801346 - ETPRO EXPLOIT HP OpenView Performance Insight Server Backdoor Account Code Execution (exploit.rules)
  • 2801379 - ETPRO EXPLOIT Novell ZENworks Configuration Management TFTPD Remote Code Execution 1 (exploit.rules)
  • 2801380 - ETPRO EXPLOIT Novell ZENworks Configuration Management TFTPD Remote Code Execution 2 (exploit.rules)
  • 2801381 - ETPRO EXPLOIT Novell ZENworks Configuration Management TFTPD Remote Code Execution 3 (exploit.rules)
  • 2801382 - ETPRO EXPLOIT Novell ZENworks Configuration Management TFTPD Remote Code Execution 4 (exploit.rules)
  • 2801861 - ETPRO WEB_CLIENT Oracle Java Applet2ClassLoader Remote Code Execution 1 (web_client.rules)
  • 2801862 - ETPRO WEB_CLIENT Oracle Java Applet2ClassLoader Remote Code Execution 2 (web_client.rules)
  • 2801877 - ETPRO EXPLOIT Oracle Secure Backup Admin Server index.php preauth Parameter Arbitrary Code Execution (exploit.rules)
  • 2801878 - ETPRO EXPLOIT Oracle Secure Backup Admin Server property_box.php other Parameter Arbitrary Code Execution (exploit.rules)
  • 2801879 - ETPRO EXPLOIT Oracle Secure Backup Admin Server property_box.php objectname Parameter Arbitrary Command Execution (exploit.rules)
  • 2801886 - ETPRO EXPLOIT HP OpenView Network Node Manager nnmRptConfig.exe schd_select1 Remote Code Execution (exploit.rules)
  • 2802147 - ETPRO WEB_CLIENT Oracle Java Applet2ClassLoader Remote Code Execution 3 (CVE-2010-4452) (web_client.rules)
  • 2802148 - ETPRO WEB_CLIENT Oracle Java Applet2ClassLoader Remote Code Execution 4 (CVE-2010-4452) (web_client.rules)
  • 2802149 - ETPRO WEB_CLIENT Oracle Java Applet2ClassLoader Remote Code Execution 5 (CVE-2010-4452) (web_client.rules)
  • 2802206 - ETPRO EXPLOIT HP Intelligent Management Center TFTP Server MODE Remote Code Execution 2 (exploit.rules)
  • 2802890 - ETPRO EXPLOIT McAfee Firewall Reporter isValidClient Remote Code Execution (exploit.rules)
  • 2802905 - ETPRO EXPLOIT HP Data Protector Client EXEC_CMD Command Execution (Unicode UTF-16 Little Endian) (exploit.rules)
  • 2802906 - ETPRO EXPLOIT HP Data Protector Client EXEC_CMD Command Execution (Unicode UTF-16 Big Endian) (exploit.rules)
  • 2802937 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 1 (dos.rules)
  • 2802938 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 2 (dos.rules)
  • 2802939 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 3 (dos.rules)
  • 2802940 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 4 (dos.rules)
  • 2802941 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 5 (dos.rules)
  • 2802942 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 6 (dos.rules)
  • 2802943 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 7 (dos.rules)
  • 2802944 - ETPRO DOS Microsoft Host Integration Server snabase.exe Denial of Service 8 (dos.rules)
  • 2802958 - ETPRO DOS Microsoft Host Integration Server snabase.exe Infinite Loop Denial of Service (Exploit Specific) (dos.rules)
  • 2803081 - ETPRO EXPLOIT Microsoft Forefront Threat Management Gateway Client Remote Code Execution (exploit.rules)
  • 2803357 - ETPRO EXPLOIT Sybase Open Server Function Pointer Array Code Execution 1 (exploit.rules)
  • 2803358 - ETPRO EXPLOIT Sybase Open Server Function Pointer Array Code Execution 2 (exploit.rules)
  • 2803359 - ETPRO EXPLOIT Sybase Open Server Function Pointer Array Code Execution 3 (exploit.rules)
  • 2803368 - ETPRO EXPLOIT Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution (exploit.rules)
  • 2803496 - ETPRO DOS ISC DHCP Server Packet Processing Denial of Service (dos.rules)
  • 2803845 - ETPRO DOS Microsoft Forefront Unified Access Gateway DoS Attempt 1 (dos.rules)
  • 2803846 - ETPRO DOS Microsoft Forefront Unified Access Gateway DoS Attempt 2 (dos.rules)
  • 2804277 - ETPRO EXPLOIT CTEK SkyRouter 4200 and 4300 Command Execution (exploit.rules)
  • 2805317 - ETPRO WEB_CLIENT Microsoft Internet Explorer Virtual Function Table Corruption Remote Code Execution Vulnerability (web_client.rules)
  • 2805467 - ETPRO RETIRED Gauss CnC (retired.rules)
  • 2805875 - ETPRO RETIRED Win32/Reveton.N Checkin (retired.rules)
  • 2806187 - ETPRO EXPLOIT Apache Struts ParametersInterceptor Remote Code Execution (CVE-2011-3923) (exploit.rules)
  • 2806214 - ETPRO EXPLOIT MongoDB nativeHelper.apply Remote Code Execution (CVE-2013-1892) (exploit.rules)
  • 2806624 - ETPRO RETIRED Win32.Small.CV (retired.rules)
  • 2806823 - ETPRO DOS ICMP with truncated IPv6 header CVE-2013-3182 (dos.rules)
  • 2806824 - ETPRO DOS ICMP with truncated IPv6 header CVE-2013-3182 (dos.rules)
  • 2806984 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806985 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806986 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806987 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806988 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806989 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806990 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806991 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806992 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806993 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2806994 - ETPRO DOS Active Directory DOS (CVE-2013-3868) (dos.rules)
  • 2808450 - ETPRO RETIRED REVETON CnC SET (retired.rules)
  • 2808451 - ETPRO RETIRED REVETON CnC OUTBOUND (retired.rules)
  • 2810480 - ETPRO DOS Slowloris HTTP Traffic Inbound (dos.rules)
  • 2815609 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 5 (mobile_malware.rules)
  • 2815613 - ETPRO MOBILE_MALWARE Android/Adware.AdsWo.A Checkin 2 (mobile_malware.rules)
  • 2815850 - ETPRO MOBILE_MALWARE Android.Trojan.Tefoni.A Checkin (mobile_malware.rules)
  • 2815911 - ETPRO MOBILE_MALWARE Android/Xippa.A SSL CnC Cert (mobile_malware.rules)
  • 2815934 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 6 (mobile_malware.rules)
  • 2816167 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Kloncer.a Checkin (mobile_malware.rules)
  • 2816169 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.cb Checkin (mobile_malware.rules)
  • 2816170 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.cb Checkin 2 (mobile_malware.rules)
  • 2816175 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.hd Checkin (mobile_malware.rules)
  • 2816183 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.hf Checkin (mobile_malware.rules)
  • 2816307 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Igamo.a Checkin 2 (mobile_malware.rules)
  • 2816309 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iv Checkin (mobile_malware.rules)
  • 2816336 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay Checkin 2 (mobile_malware.rules)
  • 2816341 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.j Checkin (mobile_malware.rules)
  • 2816344 - ETPRO MOBILE_MALWARE Android.Riskware.SMSSend.gRJR Checkin (mobile_malware.rules)
  • 2816345 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.BX Checkin 5 (mobile_malware.rules)
  • 2816462 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Checkin 2 (mobile_malware.rules)
  • 2816470 - ETPRO MOBILE_MALWARE Android/SMSreg.GF Checkin (mobile_malware.rules)
  • 2816473 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.W Checkin (mobile_malware.rules)
  • 2816615 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.l Checkin (mobile_malware.rules)
  • 2816617 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.l Checkin 2 (mobile_malware.rules)
  • 2816662 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Spambot.a Checkin (mobile_malware.rules)
  • 2816675 - ETPRO MOBILE_MALWARE Android.Trojan.SLocker.IE Checkin (mobile_malware.rules)
  • 2816696 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ztorg.a Checkin (mobile_malware.rules)
  • 2816720 - ETPRO MOBILE_MALWARE Android/AdDisplay.Kuguo.V Checkin (mobile_malware.rules)
  • 2816731 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.hu Checkin (mobile_malware.rules)
  • 2816736 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Paccy.b Checkin (mobile_malware.rules)
  • 2816774 - ETPRO MOBILE_MALWARE Android/HiddenApp.K Checkin (mobile_malware.rules)
  • 2816775 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Caresy.a Checkin (mobile_malware.rules)
  • 2816811 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.EG Checkin (mobile_malware.rules)
  • 2816815 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ie Checkin (mobile_malware.rules)
  • 2816908 - ETPRO MOBILE_MALWARE Android.Trojan.AutoSMS.Y Checkin (mobile_malware.rules)
  • 2816935 - ETPRO MOBILE_MALWARE Android/TrojanSMS.FakeInst.GY Checkin (mobile_malware.rules)
  • 2819703 - ETPRO MOBILE_MALWARE Android/Agent.SY Checkin (mobile_malware.rules)
  • 2819865 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddad.v Checkin (mobile_malware.rules)
  • 2819870 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fm Checkin (mobile_malware.rules)
  • 2819876 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.aq Checkin (mobile_malware.rules)
  • 2819894 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.bw Checkin (mobile_malware.rules)
  • 2819898 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.dt Checkin (mobile_malware.rules)
  • 2819919 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.c Checkin (mobile_malware.rules)
  • 2819920 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.c Checkin 2 (mobile_malware.rules)
  • 2819922 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.c Checkin 4 (mobile_malware.rules)
  • 2819923 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.c Checkin 5 (mobile_malware.rules)
  • 2819928 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.CH Checkin (mobile_malware.rules)
  • 2819981 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.a Checkin 15 (mobile_malware.rules)
  • 2819998 - ETPRO MOBILE_MALWARE Android/Inmobi.D Checkin (mobile_malware.rules)
  • 2820000 - ETPRO MOBILE_MALWARE Android/Styricka.A Checkin (mobile_malware.rules)
  • 2820021 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Svpeng.e Checkin (mobile_malware.rules)
  • 2820040 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Dialer.b Checkin (mobile_malware.rules)
  • 2820053 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.iv Checkin (mobile_malware.rules)
  • 2820181 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.by Checkin 2 (mobile_malware.rules)
  • 2820285 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.az Checkin 3 (mobile_malware.rules)
  • 2820309 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.kx Checkin (mobile_malware.rules)
  • 2820379 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Guerrilla.g Checkin (mobile_malware.rules)
  • 2820490 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.BMT Checkin 3 (mobile_malware.rules)
  • 2820509 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.fo Checkin (mobile_malware.rules)
  • 2820621 - ETPRO EXPLOIT Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution CVE (CVE-2009-1429) (exploit.rules)
  • 2820689 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.YW Checkin (mobile_malware.rules)
  • 2820889 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Cloudatlas.a Checkin (mobile_malware.rules)
  • 2820949 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.ZS Checkin (mobile_malware.rules)
  • 2820954 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Vibleaker.a Checkin (mobile_malware.rules)
  • 2820961 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Boqx.a Checkin 2 (mobile_malware.rules)
  • 2820974 - ETPRO MOBILE_MALWARE Android Trojan HummingBad Checkin (mobile_malware.rules)
  • 2821046 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.q Checkin (mobile_malware.rules)
  • 2821083 - ETPRO WEB_CLIENT MS Edge Invalid Pointer Access RCE Vulnerability (CVE-2016-3259) (web_client.rules)
  • 2821117 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.dd Checkin (mobile_malware.rules)
  • 2821190 - ETPRO MOBILE_MALWARE Android/Clicker.BG CnC Beacon (mobile_malware.rules)
  • 2821604 - ETPRO MOBILE_MALWARE Android.Trojan.FakeBank.BA APK Download (mobile_malware.rules)
  • 2821843 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l SSL CnC Cert 4 (mobile_malware.rules)
  • 2821903 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.kz CnC Beacon (mobile_malware.rules)
  • 2822026 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Small.g Checkin (mobile_malware.rules)
  • 2822186 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.gz Checkin (mobile_malware.rules)
  • 2822191 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l SSL CnC Cert 5 (mobile_malware.rules)
  • 2822209 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lt Checkin (mobile_malware.rules)
  • 2822229 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.ll CnC Beacon (mobile_malware.rules)
  • 2822230 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.ll CnC Beacon 2 (mobile_malware.rules)
  • 2822427 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Oversa.a Checkin (mobile_malware.rules)
  • 2822618 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Sugs.a Checkin (mobile_malware.rules)
  • 2822723 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2822724 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823187 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823203 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823204 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823215 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Ledoden.a Checkin (mobile_malware.rules)
  • 2823331 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Dadmo.e Checkin (mobile_malware.rules)
  • 2823422 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.lr Checkin (mobile_malware.rules)
  • 2823449 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.mb Checkin (mobile_malware.rules)
  • 2823500 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823659 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823789 - ETPRO MOBILE_MALWARE Android.Trojan.Uten.AA Checkin (mobile_malware.rules)
  • 2823840 - ETPRO WEB_CLIENT Microsoft Edge Chakra RCE Vulnerability (CVE-2016-7297) (web_client.rules)
  • 2823841 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bt Checkin (mobile_malware.rules)
  • 2823842 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bt Checkin 2 (mobile_malware.rules)
  • 2823896 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  • 2823900 - ETPRO WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 1 (web_client.rules)
  • 2824113 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.cc Checkin (mobile_malware.rules)
  • 2824722 - ETPRO EXPLOIT_KIT EITest SocEng Successful Inject HTTP Request Jan 15 2017 M1 (exploit_kit.rules)
  • 2825379 - ETPRO WEB_CLIENT Microsoft Edge PDF Parsing RCE M1 (CVE-2017-0023) (web_client.rules)
  • 2825380 - ETPRO WEB_CLIENT Microsoft Edge PDF Parsing RCE M2 (CVE-2017-0023) (web_client.rules)
  • 2826328 - ETPRO EXPLOIT Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CVE-2017-0290) (exploit.rules)