Ruleset Update Summary - 2025/07/02 - v10962

Ruleset Updates
1

Summary:

9 new OPEN, 9 new PRO (9 + 0)

Added rules:

Open:

  • 2063270 - ET EXPLOIT Generic MultiStage Javascript Redirect Activity M1 (exploit.rules)
  • 2063271 - ET WEB_SPECIFIC_APPS Citrix Netscaler ADC & Gateway Unauthenticated Out-of-Bounds Memory Read (CVE-2023-6549) (web_specific_apps.rules)
  • 2063272 - ET WEB_SPECIFIC_APPS D-Link Arbitrary File Read Via webproc errorpage Parameter (CVE-2021-27250) (web_specific_apps.rules)
  • 2063273 - ET WEB_SPECIFIC_APPS Evertz SDVN Authentication Bypass + Command Injection Attempt M1 (CVE-2025-4009) (web_specific_apps.rules)
  • 2063274 - ET WEB_SPECIFIC_APPS Evertz SDVN Authentication Bypass + Command Injection Attempt M2 (CVE-2025-4009) (web_specific_apps.rules)
  • 2063275 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (musicdownloader .top) (exploit_kit.rules)
  • 2063276 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (musicdownloader .top) (exploit_kit.rules)
  • 2063277 - ET WEB_SPECIFIC_APPS D-Link importhtml sql Parameter SQL Injection Attempt (web_specific_apps.rules)
  • 2063278 - ET WEB_SPECIFIC_APPS D-Link getcfg Information Disclosure Attempt (CVE-2019-17506) (web_specific_apps.rules)

Modified inactive rules:

  • 2061785 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (layardrama21 .top) (exploit_kit.rules)
  • 2061996 - ET EXPLOIT_KIT LandUpdate808 Domain in DNS Lookup (jimriehls .com) (exploit_kit.rules)
  • 2061998 - ET EXPLOIT_KIT LandUpdate808 Domain in TLS SNI (jimriehls .com) (exploit_kit.rules)
  • 2861353 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861354 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861355 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861356 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861357 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861358 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861359 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861360 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861361 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861362 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861363 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861364 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861365 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861366 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861367 - ETPRO PHISHING TA453 Domain in DNS Lookup (phishing.rules)
  • 2861381 - ETPRO PHISHING TA453 Domain in TLS SNI (phishing.rules)