| 번호 | 날짜 | ID | 시그니처 (Total Ruleset: 27,111개) |
| 12,911 | 2015/01/20 | 2015736 | ET TROJAN DNS Query to Unknown CnC DGA Domain defmaybe.com 09/25/12; |
| 12,910 | 2015/01/20 | 2015735 | ET CURRENT_EVENTS Probable Sakura Java applet with obfuscated URL Sep 21 2012; |
| 12,909 | 2015/01/20 | 2015734 | ET CURRENT_EVENTS Sakura exploit kit exploit download request /nano.php; |
| 12,908 | 2015/01/20 | 2015733 | ET CURRENT_EVENTS Sakura exploit kit exploit download request /sarah.php; |
| 12,907 | 2015/01/20 | 2015732 | ET DELETED Blackhole2 - Landing Page Received - classid; |
| 12,906 | 2015/01/20 | 2015731 | ET DELETED g01pack Exploit Kit Landing Page 7; |
| 12,905 | 2015/01/20 | 2015730 | ET TROJAN DNS Query to Unknown CnC DGA Domain sleeveblouse.com 09/20/12; |
| 12,904 | 2015/01/20 | 2015729 | ET DELETED DNS Query to Unknown CnC DGA Domain adbullion.com 09/20/12; |
| 12,903 | 2015/01/20 | 2015728 | ET TROJAN DNS Query to Unknown CnC DGA Domain bktwenty.com 09/20/12; |
| 12,902 | 2015/01/20 | 2015727 | ET CURRENT_EVENTS Access To mm-forms-community upload dir (Inbound); [1] |
| 12,901 | 2015/01/20 | 2015726 | ET CURRENT_EVENTS Access To mm-forms-community upload dir (Outbound); [1] |
| 12,900 | 2015/01/20 | 2015725 | ET DELETED pamdql Exploit Kit 09/25/12 Sending PDF; |
| 12,899 | 2015/01/20 | 2015724 | ET CURRENT_EVENTS pamdql Exploit Kit 09/25/12 Sending Jar; |
| 12,898 | 2015/01/20 | 2015723 | ET TROJAN ZeroAccess Checkin; [1,2] |
| 12,897 | 2015/01/20 | 2015722 | ET TROJAN DNS Query to Unknown CnC DGA Domain whatandwhyeh.com 09/20/12; |
| 12,896 | 2015/01/20 | 2015721 | ET TROJAN DNS Query to Unknown CnC DGA Domain manymanyd.com 09/20/12; |
| 12,895 | 2015/01/20 | 2015720 | ET TROJAN DNS Query to Unknown CnC DGA Domain traindiscover.com 09/20/12; |
| 12,894 | 2015/01/20 | 2015719 | ET TROJAN DNS Query to Unknown CnC DGA Domain palauone.com 09/20/12; |
| 12,893 | 2015/01/20 | 2015718 | ET TROJAN SSL Cert Used In Unknown Exploit Kit; |
| 12,892 | 2015/01/20 | 2015717 | ET TROJAN SSL Cert Used In Unknown Exploit Kit (ashburn); |
| 12,891 | 2015/01/20 | 2015716 | ET DELETED Blackhole2 - Client reporting targeted software versions; |
| 12,890 | 2015/01/20 | 2015714 | ET TROJAN Mirage Campaign checkin; [1] |
| 12,889 | 2015/01/20 | 2015713 | ET TROJAN Dapato Checkin 8; |
| 12,888 | 2015/01/20 | 2015712 | ET WEB_CLIENT Internet Explorer execCommand function Use after free Vulnerability 0day Metasploit; [1] |
| 12,887 | 2015/01/20 | 2015711 | ET WEB_CLIENT Internet Explorer execCommand function Use after free Vulnerability 0day; [1] |
| 12,886 | 2015/01/20 | 2015710 | ET CURRENT_EVENTS DRIVEBY Blackhole2 - Landing Page Received; |
| 12,885 | 2015/01/20 | 2015709 | ET DELETED Possible Blackhole Landing to 7-8 chr folder plus index.htm or index.html; |
| 12,884 | 2015/01/20 | 2015708 | ET CURRENT_EVENTS - Applet Tag In Edwards Packed JavaScript; |
| 12,883 | 2015/01/20 | 2015707 | ET INFO JAVA - document.createElement applet; |
| 12,882 | 2015/01/20 | 2015706 | ET DELETED g01pack Exploit Kit Landing Page 5; |
| 12,881 | 2015/01/20 | 2015705 | ET DELETED g01pack Exploit Kit Landing Page 6; |
| 12,880 | 2015/01/20 | 2015704 | ET CURRENT_EVENTS DoSWF Flash Encryption Banner; |
| 12,879 | 2015/01/20 | 2015703 | ET WEB_SERVER Brutus Scan Inbound; |
| 12,878 | 2015/01/20 | 2015702 | ET SCAN Brutus Scan Outbound; |
| 12,877 | 2015/01/20 | 2015701 | ET DELETED Blackhole2 - Landing Page Received; |
| 12,876 | 2015/01/20 | 2015700 | ET CURRENT_EVENTS Blackhole2 - URI Structure; |
| 12,875 | 2015/01/20 | 2015699 | ET DELETED Unknown base64-style Java-based Exploit Kit using github as initial director; |
| 12,874 | 2015/01/20 | 2015698 | ET CURRENT_EVENTS SPL Landing Page Requested; |
| 12,873 | 2015/01/20 | 2015697 | ET DELETED Blackhole repetitive applet/code tag; |
| 12,872 | 2015/01/20 | 2015696 | ET DELETED g01pack Exploit Kit Landing Page 4; |
| 12,871 | 2015/01/20 | 2015695 | ET CURRENT_EVENTS DRIVEBY Generic - 8Char.JAR Naming Algorithm; |
| 12,870 | 2015/01/20 | 2015694 | ET CURRENT_EVENTS NeoSploit - Version Enumerated - null; |
| 12,869 | 2015/01/20 | 2015693 | ET CURRENT_EVENTS NeoSploit - Version Enumerated - Java; |
| 12,868 | 2015/01/20 | 2015692 | ET DELETED NeoSploit - TDS; |
| 12,867 | 2015/01/20 | 2015691 | ET CURRENT_EVENTS NeoSploit - PDF Exploit Requested; |
| 12,866 | 2015/01/20 | 2015690 | ET CURRENT_EVENTS NeoSploit - Obfuscated Payload Requested; |
| 12,865 | 2015/01/20 | 2015689 | ET CURRENT_EVENTS DRIVEBY NeoSploit - Java Exploit Requested; |
| 12,864 | 2015/01/20 | 2015688 | ET CURRENT_EVENTS Possible Remote PHP Code Execution (php.pjpg); [1] |
| 12,863 | 2015/01/20 | 2015687 | ET POLICY Inbound /uploadify.php Access; [1] |
| 12,862 | 2015/01/20 | 2015686 | ET POLICY Signed TLS Certificate with md5WithRSAEncryption; [1,2,3,4,5] |
| < 281 282 283 284 285 286 287 288 289 290 > |