번호 | 날짜 | ID | 시그니처 (Total Ruleset: 27,111개) |
10,161 | 2015/01/20 | 2012827 | ET POLICY HTTP Request to a *.vv.cc domain; |
10,160 | 2015/01/20 | 2012826 | ET DNS DNS Query to a Suspicious *.vv.cc domain; |
10,159 | 2015/01/20 | 2012825 | ET WEB_SPECIFIC_APPS CiscoWorks Help Servlet Reflective XSS Attempt; [1] |
10,158 | 2015/01/20 | 2012824 | ET WEB_SPECIFIC_APPS Cisco Common Services Framework Reflective XSS Attempt; [1] |
10,157 | 2015/01/20 | 2012823 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager clusterName Reflective XSS Attempt; [1] |
10,156 | 2015/01/20 | 2012822 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager eventmon_wrapper.jsp Reflective XSS Attempt; [1] |
10,155 | 2015/01/20 | 2012821 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager eventmon Reflective XSS Attempt; [1] |
10,154 | 2015/01/20 | 2012820 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager deviceInstanceName Reflective XSS Attempt; [1] |
10,153 | 2015/01/20 | 2012819 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager advancedfind.do Reflective XSS Attempt; [1] |
10,152 | 2015/01/20 | 2012818 | ET WEB_SPECIFIC_APPS Cisco Unified Operations Manager Blind SQL Injection Attempt; [1] |
10,151 | 2015/01/20 | 2012817 | ET DELETED EXE Using Suspicious IAT NtUnmapViewOfSection Possible Malware Process Hollowing; [1,2] |
10,150 | 2015/01/20 | 2012816 | ET TROJAN EXE Using Suspicious IAT ZwUnmapViewOfSection Possible Malware Process Hollowing; [1,2] |
10,149 | 2015/01/20 | 2012815 | ET DELETED FAKEAV Scanner Landing Page (Initializing Virus Protection System...); |
10,148 | 2015/01/20 | 2012814 | ET WEB_CLIENT PDF With Adobe Audition Session File Handling Memory Corruption Attempt; [1,2] |
10,147 | 2015/01/20 | 2012813 | ET WEB_CLIENT PDF With Adobe Audition Session File Handling Buffer Overflow Flowbit Set; [1,2] |
10,146 | 2015/01/20 | 2012812 | ET DELETED Known Malicious Facebook Javascript; [1] |
10,145 | 2015/01/20 | 2012811 | ET DNS DNS Query to a .tk domain - Likely Hostile; |
10,144 | 2015/01/20 | 2012810 | ET POLICY HTTP Request to a *.tk domain; |
10,143 | 2015/01/20 | 2012809 | ET WEB_SPECIFIC_APPS WordPress DB XML dump successful leakage; [1] |
10,142 | 2015/01/20 | 2012808 | ET WEB_SPECIFIC_APPS WordPress DB XML dump attempted access; [1] |
10,141 | 2015/01/20 | 2012807 | ET DELETED Possible g01pack Exploit Pack Malicious JAR File Request; [1,2] |
10,140 | 2015/01/20 | 2012806 | ET WEB_CLIENT QuickTime Remote Exploit (exploit specific); [1] |
10,139 | 2015/01/20 | 2012805 | ET WEB_SPECIFIC_APPS Automne upload-controler.php Arbitrary File Upload Vulnerability; [1] |
10,138 | 2015/01/20 | 2012804 | ET MALWARE Possible Windows executable sent ASCII-hex-encoded; [1,2] |
10,137 | 2015/01/20 | 2012803 | ET TROJAN Delf Alms backdoor checkin; |
10,136 | 2015/01/20 | 2012802 | ET TROJAN Spoofed MSIE 8 User-Agent Likely Ponmocup; [1,2,3] |
10,135 | 2015/01/20 | 2012801 | ET TROJAN Spoofed MSIE 7 User-Agent Likely Ponmocup; [1,2,3] |
10,134 | 2015/01/20 | 2012800 | ET TROJAN Ponmocup C2 Sending Data to Controller 2; [1,2,3] |
10,133 | 2015/01/20 | 2012799 | ET TROJAN Ponmocup C2 Sending Data to Controller 1; [1,2,3,4] |
10,132 | 2015/01/20 | 2012797 | ET WEB_SPECIFIC_APPS WebAuction lang parameter Cross Site Scripting Attempt; [1] |
10,131 | 2015/01/20 | 2012796 | ET DELETED Malicious SEO landing in.cgi with URI HTTP_REFERER; |
10,130 | 2015/01/20 | 2012795 | ET WEB_SPECIFIC_APPS Golem Gaming Portal root_path Parameter Remote File inclusion Attempt; [1] |
10,129 | 2015/01/20 | 2012794 | ET WEB_SPECIFIC_APPS ClanSphere CurrentFolder Parameter Local File Inclusion Attempt; |
10,128 | 2015/01/20 | 2012793 | ET WEB_SPECIFIC_APPS E-Xoopport Samsara Sections module secid Parameter Blind SQL Injection Exploit; [1] |
10,127 | 2015/01/20 | 2012792 | ET WEB_SPECIFIC_APPS KLINK txtCodiInfo parameter UPDATE SET SQL Injection Attempt; [1] |
10,126 | 2015/01/20 | 2012791 | ET WEB_SPECIFIC_APPS KLINK txtCodiInfo parameter INSERT INTO SQL Injection Attempt; [1] |
10,125 | 2015/01/20 | 2012790 | ET WEB_SPECIFIC_APPS KLINK txtCodiInfo parameter UNION SELECT SQL Injection Attempt; [1] |
10,124 | 2015/01/20 | 2012789 | ET WEB_SPECIFIC_APPS KLINK txtCodiInfo parameter DELETE FROM SQL Injection Attempt; [1] |
10,123 | 2015/01/20 | 2012788 | ET WEB_SPECIFIC_APPS KLINK txtCodiInfo parameter SELECT FROM SQL Injection Attempt; [1] |
10,122 | 2015/01/20 | 2012787 | ET SCADA ICONICS WebHMI ActiveX Stack Overflow; [1,2] |
10,121 | 2015/01/20 | 2012786 | ET TROJAN DNS Query for Possible FakeAV Domain; |
10,120 | 2015/01/20 | 2012785 | ET DELETED Egypack/1.0 User-Agent Likely Malware; [1] |
10,119 | 2015/01/20 | 2012784 | ET MOBILE_MALWARE SymbOS SuperFairy.D active.txt Missing File HTTP Request; [1] |
10,118 | 2015/01/20 | 2012783 | ET MOBILE_MALWARE SymbOS SuperFairy.D BackgroundUpdata.ini Missing File HTTP Request; [1] |
10,117 | 2015/01/20 | 2012782 | ET MOBILE_MALWARE SymbOS SuperFairy.D StartUpdata.ini Missing File HTTP Request; [1] |
10,116 | 2015/01/20 | 2012781 | ET TROJAN Possible Hiloti DNS Checkin Message explorer_exe; [1] |
10,115 | 2015/01/20 | 2012780 | ET POLICY Suspicious IAT SetKeyboardState - Can Be Used for Keylogging; [1] |
10,114 | 2015/01/20 | 2012779 | ET DELETED Suspicious IAT FTP File Interaction; [1] |
10,113 | 2015/01/20 | 2012778 | ET DELETED Suspicious IAT NamedPipe - May Indicate Reverse Shell/Backdoor Functionality; [1] |
10,112 | 2015/01/20 | 2012777 | ET POLICY Suspicious IAT EnableExecuteProtectionSupport - Undocumented API to Modify DEP; [1] |
< 331 332 333 334 335 336 337 338 339 340 > |