Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
16,461  2015/01/20  2019409  ET CURRENT_EVENTS SUSPICIOUS SMTP Attachment Inbound PPT attachment with Embedded OLE Object M4
16,460  2015/01/20  2019408  ET CURRENT_EVENTS SUSPICIOUS SMTP Attachment Inbound PPT attachment with Embedded OLE Object M3
16,459  2015/01/20  2019407  ET CURRENT_EVENTS SUSPICIOUS SMTP Attachment Inbound PPT attachment with Embedded OLE Object M2
16,458  2015/01/20  2019406  ET CURRENT_EVENTS SUSPICIOUS SMTP Attachment Inbound PPT attachment with Embedded OLE Object M1
16,457  2015/01/20  2019405  ET CURRENT_EVENTS SUSPICIOUS PPT Download with Embedded OLE Object
16,456  2015/01/20  2019404  ET DOS Potential Tsunami SYN Flood Denial Of Service Attempt
16,455  2015/01/20  2019403  ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious DNS
16,454  2015/01/20  2019402  ET EXPLOIT Possible CVE-2014-6271 malicious DNS response
16,453  2015/01/20  2019401  ET POLICY Vulnerable Java Version 1.8.x Detected
16,452  2015/01/20  2019400  ET TROJAN Possible Bedep Connectivity Check
16,451  2015/01/20  2019399  ET CURRENT_EVENTS Possible SandWorm INF Download (SMB UNICODE)
16,450  2015/01/20  2019398  ET CURRENT_EVENTS Possible SandWorm INF Download (SMB)
16,449  2015/01/20  2019397  ET CURRENT_EVENTS Possible SandWorm INF Download (UNICODE)
16,448  2015/01/20  2019396  ET TROJAN TorrentLocker DNS Lookup
16,447  2015/01/20  2019395  ET CURRENT_EVENTS Possible SandWorm INF Download
16,446  2015/01/20  2019394  ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 5
16,445  2015/01/20  2019393  ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 4
16,444  2015/01/20  2019392  ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 3
16,443  2015/01/20  2019391  ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 2
16,442  2015/01/20  2019390  ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 1
16,441  2015/01/20  2019389  ET EXPLOIT Possible Postfix CVE-2014-6271 attempt
16,440  2015/01/20  2019388  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS CnC)
16,439  2015/01/20  2019387  ET POLICY SSL Certificate IRC GEEKS Likely Encrypted IRC or CnC
16,438  2015/01/20  2019386  ET CURRENT_EVENTS Possible TWiki Apache config file upload attempt
16,437  2015/01/20  2019385  ET CURRENT_EVENTS Possible TWiki RCE attempt
16,436  2015/01/20  2019384  ET TROJAN Neverquest Request URI Struct
16,435  2015/01/20  2019383  ET POLICY gogo6/Freenet6 Authentication Attempt
16,434  2015/01/20  2019382  ET CURRENT_EVENTS Win32/Zbot SSL Cert Oct 9 2014
16,433  2015/01/20  2019381  ET TROJAN Win32/Ursnif Connectivity Check
16,432  2015/01/20  2019380  ET TROJAN Gozi/Ursnif/Papras Connectivity Check
16,431  2015/01/20  2019379  ET TROJAN Win32/PSW.Papras.CK file upload
16,430  2015/01/20  2019378  ET TROJAN Win32/PSW.Papras.CK Checkin
16,429  2015/01/20  2019377  ET TROJAN Win32/Ursnif Checkin
16,428  2015/01/20  2019376  ET CURRENT_EVENTS Napolar SSL Cert Oct 9 2014
16,427  2015/01/20  2019375  ET CURRENT_EVENTS Possible Sweet Orange redirection Oct 8 2014
16,426  2015/01/20  2019374  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2013-3897 M1
16,425  2015/01/20  2019373  ET CURRENT_EVENTS DRIVEBY Generic CollectGarbage in JJEncode (Observed in Sednit)
16,424  2015/01/20  2019372  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2013-1347 M2
16,423  2015/01/20  2019371  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2013-1347 M1
16,422  2015/01/20  2019370  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2014-1776 M3
16,421  2015/01/20  2019369  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2014-1776 M2
16,420  2015/01/20  2019368  ET CURRENT_EVENTS DRIVEBY Sednit EK IE Exploit CVE-2014-1776 M1
16,419  2015/01/20  2019367  ET CURRENT_EVENTS DRIVEBY Sednit EK Landing
16,418  2015/01/20  2019366  ET POLICY 2Downloadz.com File Sharing User-Agent
16,417  2015/01/20  2019365  ET WEB_SPECIFIC_APPS Bugzilla token.cgi HPP e-mail validation bypass Attempt Client Body
16,416  2015/01/20  2019364  ET WEB_SPECIFIC_APPS Bugzilla token.cgi HPP e-mail validation bypass Attempt URI
16,415  2015/01/20  2019363  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC)
16,414  2015/01/20  2019362  ET DELETED Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 42
16,413  2015/01/20  2019361  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC)
16,412  2015/01/20  2019360  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC)
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.