Network Content Inspection Rules

    Rule IDRule DescriptionConfidence LevelDDI Default RuleNetwork Content Inspection Pattern Release Date
    DDI RULE 4818 CVE-2022-36804 - Atlassian Bitbucket Command Injection Exploit - HTTP(REQUEST)
    2023/03/15DDI RULE 4818/vinfo/au/threat-encyclopedia/network/ddi-rule-4818
    DDI RULE 4532 CVE-2021-26855 - Exchange Server Side Request Forgery Exploit - HTTP (REQUEST) - Variant 2
    2023/03/14DDI RULE 4532/vinfo/au/threat-encyclopedia/network/ddi-rule-4532
    DDI RULE 4817 WINEXE DETECTED - SMB2(REQUEST)
    2023/03/13DDI RULE 4817/vinfo/au/threat-encyclopedia/network/ddi-rule-4817
    DDI RULE 4816 WINEXE DETECTED - SMB(REQUEST)
    2023/03/09DDI RULE 4816/vinfo/au/threat-encyclopedia/network/ddi-rule-4816
    DDI RULE 4815 CVE-2022-41082 - MS EXCHANGE POWERSHELL RCE EXPLOIT - HTTP(REQUEST)
    2023/03/07DDI RULE 4815/vinfo/au/threat-encyclopedia/network/ddi-rule-4815
    DDI RULE 4812 CVE-2022-1040 - SOPHOS FIREWALL USER PORTAL AND WEBADMIN REMOTE CODE EXECUTION - HTTP(EXPLOIT)
    2023/02/16DDI RULE 4812/vinfo/au/threat-encyclopedia/network/ddi-rule-4812
    DDI RULE 4811 CVE-2021-21974 - VMWARE OPENSLP RCE EXPLOIT - TCP(REQUEST)
    2023/02/14DDI RULE 4811/vinfo/au/threat-encyclopedia/network/ddi-rule-4811
    DDI RULE 4808 CVE-2022-40624 - NETGATE RCE EXPLOIT - HTTP(REQUEST)
    2023/02/09DDI RULE 4808/vinfo/au/threat-encyclopedia/network/ddi-rule-4808
    DDI RULE 4806 CVE-2022-44877 - CENTOS WEB PANEL COMMAND INJECTION - HTTP(EXPLOIT)
    2023/02/09DDI RULE 4806/vinfo/au/threat-encyclopedia/network/ddi-rule-4806
    DDI RULE 4807 CVE-2022-47966 - ZOHO MANAGEENGINE RCE - HTTP(REQUEST)
    2023/02/09DDI RULE 4807/vinfo/au/threat-encyclopedia/network/ddi-rule-4807
    DDI RULE 4805 CVE-2022-21587 - ORACLE DESKTOP INTEGRATOR DIRECTORY TRAVERSAL EXPLOIT - HTTP(REQUEST)
    2023/02/08DDI RULE 4805/vinfo/au/threat-encyclopedia/network/ddi-rule-4805
    DDI RULE 4804 CVE-2022-4223 - PGADMIN RCE EXPLOIT - HTTP(REQUEST)
    2023/02/06DDI RULE 4804/vinfo/au/threat-encyclopedia/network/ddi-rule-4804
    DDI RULE 4803 MALLOX - HTTP(REQUEST)
    2023/01/30DDI RULE 4803/vinfo/au/threat-encyclopedia/network/ddi-rule-4803
    DDI RULE 4802 CHISEL TUNNELING - HTTP(RESPONSE)
    2023/01/17DDI RULE 4802/vinfo/au/threat-encyclopedia/network/ddi-rule-4802
    DDI RULE 4801 CVE-2022-29499 - MITEL MIVOICE RCE - HTTP(EXPLOIT)
    2023/01/11DDI RULE 4801/vinfo/au/threat-encyclopedia/network/ddi-rule-4801
    DDI RULE 4800 MIMIKATZ SHELL - HTTP(RESPONSE)
    2022/12/14DDI RULE 4800/vinfo/au/threat-encyclopedia/network/ddi-rule-4800
    DDI RULE 4799 MIMIKATZ SHELL - TCP
    2022/12/14DDI RULE 4799/vinfo/au/threat-encyclopedia/network/ddi-rule-4799
    DDI RULE 4792 CVE-2022-35951 - REDIS INTEGER OVERFLOW - TCP(REQUEST)
    2022/12/07DDI RULE 4792/vinfo/au/threat-encyclopedia/network/ddi-rule-4792
    DDI RULE 4798 CVE-2022-30216 - WINDOWS SERVER SERVICES TAMPERING EXPLOIT - SMB2(REQUEST)
    2022/12/01DDI RULE 4798/vinfo/au/threat-encyclopedia/network/ddi-rule-4798
    DDI RULE 4797 CVE-2022-34721 - Windows Internet Key Exchange - Buffer Overflow RCE ISKAMP EXPLOIT - UDP(REQUEST)
    2022/11/28DDI RULE 4797/vinfo/au/threat-encyclopedia/network/ddi-rule-4797
    DDI RULE 4796 MICROSOFT EXCHANGE POWERSHELL EXPLOIT - HTTP(REQUEST)
    2022/11/28DDI RULE 4796/vinfo/au/threat-encyclopedia/network/ddi-rule-4796
    DDI RULE 4786 CVE-2022-41040 - MS Exchange Server Side Request Forgery Exploit- HTTP(REQUEST)
    2022/11/24DDI RULE 4786/vinfo/au/threat-encyclopedia/network/ddi-rule-4786
    DDI RULE 4795 CVE-2022-38129 - KEYSIGHT SMS DIRECTORY TRAVERSAL - HTTP(REQUEST)
    2022/11/16DDI RULE 4795/vinfo/au/threat-encyclopedia/network/ddi-rule-4795
    DDI RULE 4793 CVE-2022-3602 - OPENSSL BUFFER OVERFLOW EXPLOIT - TCP(REQUEST)
    2022/11/14DDI RULE 4793/vinfo/au/threat-encyclopedia/network/ddi-rule-4793
    DDI RULE 4794 CVE-2022-3602 - OPENSSL BUFFER OVERFLOW EXPLOIT - TCP(RESPONSE)
    2022/11/14DDI RULE 4794/vinfo/au/threat-encyclopedia/network/ddi-rule-4794
    DDI RULE 4790 CVE-2022-40684 - FORTINET AUTHBYPASS EXPLOIT - HTTP(REQUEST)
    2022/10/24DDI RULE 4790/vinfo/au/threat-encyclopedia/network/ddi-rule-4790
    DDI RULE 4791 CVE-2022-40300 - ZOHO MANAGEENGINE SQL CODE INJECTION - HTTP(REQUEST)
    2022/10/24DDI RULE 4791/vinfo/au/threat-encyclopedia/network/ddi-rule-4791
    DDI RULE 4789 CVE-2022-3236 - SOPHOS FIREWALL RCE - HTTP(REQUEST)
    2022/10/19DDI RULE 4789/vinfo/au/threat-encyclopedia/network/ddi-rule-4789
    DDI RULE 4788 CVE-2022-26013 - DELTA ELECTRONICS DIAENERGIE RCE EXPLOIT - HTTP(REQUEST)
    2022/10/17DDI RULE 4788/vinfo/au/threat-encyclopedia/network/ddi-rule-4788
    DDI RULE 4787 RPC POSSIBLE DCSYNC - DCE (REQUEST) - Variant 2
    2022/10/11DDI RULE 4787/vinfo/au/threat-encyclopedia/network/ddi-rule-4787
    DDI RULE 4785 CVE-2022-40144 - Trend Micro Apex One Login Authentication Bypass Exploit - HTTP(REQUEST)
    2022/09/27DDI RULE 4785/vinfo/au/threat-encyclopedia/network/ddi-rule-4785
    DDI RULE 4756 CVE-2022-22980 - SPRING DATA MONGODB REMOTE CODE EXECUTION - HTTP(REQUEST)
    2022/09/15DDI RULE 4756/vinfo/au/threat-encyclopedia/network/ddi-rule-4756
    DDI RULE 4764 CVE-2022-30525 - ZYXEL FIREWALL COMMAND INJECTION - HTTP(REQUEST)
    2022/09/15DDI RULE 4764/vinfo/au/threat-encyclopedia/network/ddi-rule-4764
    DDI RULE 4781 CVE-2022-2135 - Advantech iView SQL Injection Exploit - HTTP(REQUEST)
    2022/09/14DDI RULE 4781/vinfo/au/threat-encyclopedia/network/ddi-rule-4781
    DDI RULE 4688 COROXY - UDP(REQUEST)
    2022/09/14DDI RULE 4688/vinfo/au/threat-encyclopedia/network/ddi-rule-4688
    DDI RULE 4678 CVE-2022-22965 - SPRING RCE EXPLOIT - HTTP(REQUEST)
    2022/09/14DDI RULE 4678/vinfo/au/threat-encyclopedia/network/ddi-rule-4678
    DDI RULE 4779 CVE-2022-35405 - ZOHO MANAGE ENGINE RCE EXPLOIT - HTTP(REQUEST)
    2022/09/13DDI RULE 4779/vinfo/au/threat-encyclopedia/network/ddi-rule-4779
    DDI RULE 4780 CVE-2022-2135 - HIKVISION WEB SERVER RCE EXPLOIT - HTTP(REQUEST)
    2022/09/07DDI RULE 4780/vinfo/au/threat-encyclopedia/network/ddi-rule-4780
    DDI RULE 1007 WMI Execute Method Request detected
    2022/09/06DDI RULE 1007/vinfo/au/threat-encyclopedia/network/ddi-rule-1007
    DDI RULE 4777 ANYDESK - HTTPS(REQUEST)
    2022/08/31DDI RULE 4777/vinfo/au/threat-encyclopedia/network/ddi-rule-4777
    DDI RULE 4778 ATERA - HTTP(REQUEST)
    2022/08/30DDI RULE 4778/vinfo/au/threat-encyclopedia/network/ddi-rule-4778
    DDI RULE 4776 CVE-2022-31659 - VMWARE AUTHBYPASS EXPLOIT - HTTP(REQUEST)
    2022/08/23DDI RULE 4776/vinfo/au/threat-encyclopedia/network/ddi-rule-4776
    DDI RULE 4775 CVE-2022-31656 - VMWARE AUTHBYPASS EXPLOIT - HTTP(REQUEST)
    2022/08/23DDI RULE 4775/vinfo/au/threat-encyclopedia/network/ddi-rule-4775
    DDI RULE 4774 CVE-2022-27925 - ZIMBRA RCE EXPLOIT - HTTP(REQUEST)
    2022/08/22DDI RULE 4774/vinfo/au/threat-encyclopedia/network/ddi-rule-4774
    DDI RULE 4773 CVE-2022-21972 - PTPP REMOTE CODE EXECUTION - TCP(EXPLOIT)
    2022/08/18DDI RULE 4773/vinfo/au/threat-encyclopedia/network/ddi-rule-4773
    DDI RULE 4768 SUSPICIOUS WINREG - SMB2(REQUEST)
    2022/08/16DDI RULE 4768/vinfo/au/threat-encyclopedia/network/ddi-rule-4768
    DDI RULE 4772 WEBDAV DIRECTORY TRAVERSAL EXPLOIT - HTTP(RESPONSE)
    2022/08/12DDI RULE 4772/vinfo/au/threat-encyclopedia/network/ddi-rule-4772
    DDI RULE 4759 COMMAND INJECTION EXPLOIT SENSOR - HTTP (REQUEST) - Variant 2
    2022/08/11DDI RULE 4759/vinfo/au/threat-encyclopedia/network/ddi-rule-4759
    DDI RULE 4771 WVKEYLOGGER - HTTP(REQUEST)
    2022/08/02DDI RULE 4771/vinfo/au/threat-encyclopedia/network/ddi-rule-4771
    DDI RULE 4770 CVE-2022-23277 - EXCHANGE RCE EXPLOIT - HTTP(REQUEST)
    2022/07/27DDI RULE 4770/vinfo/au/threat-encyclopedia/network/ddi-rule-4770
    DDI RULE 2586 NECURS - HTTP (Request) - Variant 4
    2022/07/06DDI RULE 2586/vinfo/au/threat-encyclopedia/network/ddi-rule-2586
    DDI RULE 2573 MINER - TCP (Request)
    2022/07/06DDI RULE 2573/vinfo/au/threat-encyclopedia/network/ddi-rule-2573
    DDI RULE 4757 CVE-2022-26937 - NFS BUFFER OVERFLOW EXPLOIT - TCP(RESPONSE)
    2022/07/05DDI RULE 4757/vinfo/au/threat-encyclopedia/network/ddi-rule-4757
    DDI RULE 4641 CVE-2021-44228 - OGNL EXPLOIT - HTTP(REQUEST)
    2022/06/29DDI RULE 4641/vinfo/au/threat-encyclopedia/network/ddi-rule-4641
    DDI RULE 4753 CVE-2022-26809 - RPC INTEGER OVERFLOW - DCE(RESPONSE)
    2022/06/20DDI RULE 4753/vinfo/au/threat-encyclopedia/network/ddi-rule-4753
    DDI RULE 4750 CVE-2022-28213 - SAP XXE EXPLOIT - HTTP(REQUEST)
    2022/06/15DDI RULE 4750/vinfo/au/threat-encyclopedia/network/ddi-rule-4750
    DDI RULE 4699 ENVELOPE SQL INJECTION - HTTP (REQUEST) - Variant 2
    2022/06/13DDI RULE 4699/vinfo/au/threat-encyclopedia/network/ddi-rule-4699
    DDI RULE 4696 BLIND SSRF EXPLOIT - HTTP(REQUEST)
    2022/06/09DDI RULE 4696/vinfo/au/threat-encyclopedia/network/ddi-rule-4696
    DDI RULE 4694 OGNL REMOTE CODE EXECUTION EXPLOIT - HTTP(REQUEST)
    2022/06/07DDI RULE 4694/vinfo/au/threat-encyclopedia/network/ddi-rule-4694
    DDI RULE 4692 CVE-2019-18935 - TELERIK UI RCE - HTTP(REQUEST)
    2022/06/01DDI RULE 4692/vinfo/au/threat-encyclopedia/network/ddi-rule-4692
    DDI RULE 4689 POSSIBLE SQL INJECT RCE EXPLOIT - HTTP (SEN) - Variant 2
    2022/05/27DDI RULE 4689/vinfo/au/threat-encyclopedia/network/ddi-rule-4689
    DDI RULE 4691 CVE-2022-21907 - RCE EXPLOIT - HTTP (REQUEST) - Variant 2
    2022/05/24DDI RULE 4691/vinfo/au/threat-encyclopedia/network/ddi-rule-4691
    DDI RULE 2341 COBALTSTRIKE - HTTP (Request)
    2022/05/19DDI RULE 2341/vinfo/au/threat-encyclopedia/network/ddi-rule-2341
    DDI RULE 4690 CVE-2021-4039 - ZYXEL NWA COMMAND INJECTION - HTTP(REQUEST)
    2022/05/18DDI RULE 4690/vinfo/au/threat-encyclopedia/network/ddi-rule-4690
    DDI RULE 4687 METASPLOIT COBALTSTRIKE STAGER - HTTP(RESPONSE)
    2022/05/12DDI RULE 4687/vinfo/au/threat-encyclopedia/network/ddi-rule-4687
    DDI RULE 4685 CVE-2021-22204 - REMOTE CODE EXECUTION - HTTP(EXPLOIT)
    2022/05/10DDI RULE 4685/vinfo/au/threat-encyclopedia/network/ddi-rule-4685
    DDI RULE 4609 PAYLOADBIN - HTTP (REQUEST) - Variant 1
    2022/05/05DDI RULE 4609/vinfo/au/threat-encyclopedia/network/ddi-rule-4609
    DDI RULE 4686 RATSNIF - HTTP(REQUEST)
    2022/05/02DDI RULE 4686/vinfo/au/threat-encyclopedia/network/ddi-rule-4686
    DDI RULE 4683 CVE-2022-24491 - NFS BUFFER OVERFLOW EXPLOIT - UDP(REQUEST)
    2022/04/26DDI RULE 4683/vinfo/au/threat-encyclopedia/network/ddi-rule-4683
    DDI RULE 4684 CVE-2022-22954 - WORKSPACE ONE RCE - HTTP(REQUEST)
    2022/04/25DDI RULE 4684/vinfo/au/threat-encyclopedia/network/ddi-rule-4684
    DDI RULE 4599 KASEYA AUTHBYPASS EXPLOIT - HTTP(REQUEST)
    2022/04/21DDI RULE 4599/vinfo/au/threat-encyclopedia/network/ddi-rule-4599
    DDI RULE 4570 COBALTSTRIKE - DNS (Response) - Variant 2
    2022/04/19DDI RULE 4570/vinfo/au/threat-encyclopedia/network/ddi-rule-4570
    DDI RULE 4462 Metasploit (Payload) - RC4 Encrypted Reverse TCP - TCP (Request)
    2022/04/12DDI RULE 4462/vinfo/au/threat-encyclopedia/network/ddi-rule-4462
    DDI RULE 4662 Metasploit(Payload) - Reverse DLL Inject - TCP (Response) - Variant 2
    2022/04/11DDI RULE 4662/vinfo/au/threat-encyclopedia/network/ddi-rule-4662
    DDI RULE 4681 CVE-2018-8174 - REMOTE CODE EXECUTION - HTTP(RESPONSE)
    2022/04/04DDI RULE 4681/vinfo/au/threat-encyclopedia/network/ddi-rule-4681
    DDI RULE 4679 POSSIBLE JAVA CLASSLOADER RCE EXPLOIT - HTTP(REQUEST)
    2022/04/01DDI RULE 4679/vinfo/au/threat-encyclopedia/network/ddi-rule-4679
    DDI RULE 4676 TELLYOUTHEPASS - HTTP(REQUEST)
    2022/03/29DDI RULE 4676/vinfo/au/threat-encyclopedia/network/ddi-rule-4676
    DDI RULE 4675 CVE-2022-0435 - TIPC BUFFEROVERFLOW EXPLOIT - UDP(REQUEST)
    2022/03/24DDI RULE 4675/vinfo/au/threat-encyclopedia/network/ddi-rule-4675
    DDI RULE 4668 CVE-2020-17144 - REMOTE CODE EXECUTION EXPLOIT - HTTP(REQUEST)
    2022/03/23DDI RULE 4668/vinfo/au/threat-encyclopedia/network/ddi-rule-4668
    DDI RULE 4674 TOOL PDQDEPLOY - SMB2(REQUEST)
    2022/03/21DDI RULE 4674/vinfo/au/threat-encyclopedia/network/ddi-rule-4674
    DDI RULE 4672 COBALT STRIKE DEFAULT NAMED PIPE - SMB2(REQUEST)
    2022/03/17DDI RULE 4672/vinfo/au/threat-encyclopedia/network/ddi-rule-4672
    DDI RULE 4671 CVE-2022-24112 - APACHE APISIX RCE - HTTP(REQUEST)
    2022/03/14DDI RULE 4671/vinfo/au/threat-encyclopedia/network/ddi-rule-4671
    DDI RULE 4670 CVE-2021-44077 - REMOTE CODE EXECUTION EXPLOIT - HTTP(REQUEST)
    2022/03/07DDI RULE 4670/vinfo/au/threat-encyclopedia/network/ddi-rule-4670
    DDI RULE 4669 PURPLE FOX ROOTKIT DOWNLOAD - HTTP(REQUEST)
    2022/03/07DDI RULE 4669/vinfo/au/threat-encyclopedia/network/ddi-rule-4669
    DDI RULE 4667 PURPLEFOX ROOTKIT - TCP(REQUEST)
    2022/03/02DDI RULE 4667/vinfo/au/threat-encyclopedia/network/ddi-rule-4667
    DDI RULE 4665 PURPLEFOX ROOTKIT DOWNLOAD - HTTP(RESPONSE)
    2022/02/28DDI RULE 4665/vinfo/au/threat-encyclopedia/network/ddi-rule-4665
    DDI RULE 4666 CVE-2022-24086 - INPUT VALIDATION EXPLOIT - HTTP(REQUEST)
    2022/02/28DDI RULE 4666/vinfo/au/threat-encyclopedia/network/ddi-rule-4666
    DDI RULE 4664 CVE-2021-40870 - DIRECTORY TRAVERSAL - HTTP(REQUEST)
    2022/02/24DDI RULE 4664/vinfo/au/threat-encyclopedia/network/ddi-rule-4664
    DDI RULE 4663 CVE-2021-25296 - NAGIOSXI CMD INJECTION EXPLOIT - HTTP(REQUEST)
    2022/02/24DDI RULE 4663/vinfo/au/threat-encyclopedia/network/ddi-rule-4663
    DDI RULE 4661 Possible CVE-2020-11978 - APACHE AIRFLOW RCE EXPLOIT - HTTP(REQUEST)
    2022/02/21DDI RULE 4661/vinfo/au/threat-encyclopedia/network/ddi-rule-4661
    DDI RULE 4659 CVE-2021-44142 - BUFFER OVERFLOW EXPLOIT - SMB2(REQUEST)
    2022/02/15DDI RULE 4659/vinfo/au/threat-encyclopedia/network/ddi-rule-4659
    DDI RULE 4660 CVE-2020-14864 - DIRECTORY TRAVERSAL EXPLOIT - HTTP(REQUEST)
    2022/02/14DDI RULE 4660/vinfo/au/threat-encyclopedia/network/ddi-rule-4660
    DDI RULE 4656 CONTENTTYPE MESSAGEBODY MISMATCH - HTTP(RESPONSE)
    2022/02/07DDI RULE 4656/vinfo/au/threat-encyclopedia/network/ddi-rule-4656
    DDI RULE 4658 CVE-2022-21907 - HTTP STACK RCE EXPLOIT - HTTP(REQUEST)
    2022/01/26DDI RULE 4658/vinfo/au/threat-encyclopedia/network/ddi-rule-4658
    DDI RULE 4655 MAGNIBER - HTTP(REQUEST)
    2022/01/19DDI RULE 4655/vinfo/au/threat-encyclopedia/network/ddi-rule-4655
    DDI RULE 4651 CVE-2021-44790 - APACHE BUFFER OVERFLOW EXPLOIT - HTTP(REQUEST)
    2022/01/13DDI RULE 4651/vinfo/au/threat-encyclopedia/network/ddi-rule-4651
    DDI RULE 4650 NWORM - TCP(REQUEST)
    2022/01/05DDI RULE 4650/vinfo/au/threat-encyclopedia/network/ddi-rule-4650
    DDI RULE 4649 CVE-2021-44832 - LOG4J EXPLOIT - HTTP(REQUEST)
    2021/12/30DDI RULE 4649/vinfo/au/threat-encyclopedia/network/ddi-rule-4649
    DDI RULE 4645 CVE-2021-42287 - KDC VULNERABILITY - LDAP(REQUEST)
    2021/12/29DDI RULE 4645/vinfo/au/threat-encyclopedia/network/ddi-rule-4645
    DDI RULE 4647 SUNCRYPT - HTTP(REQUEST)
    2021/12/27DDI RULE 4647/vinfo/au/threat-encyclopedia/network/ddi-rule-4647
    DDI RULE 4648 CVE-2021-45105 - OGNL EXPLOIT - HTTP(REQUEST)
    2021/12/27DDI RULE 4648/vinfo/au/threat-encyclopedia/network/ddi-rule-4648
    DDI RULE 4646 CONNECTWISE - DNS(RESPONSE)
    2021/12/22DDI RULE 4646/vinfo/au/threat-encyclopedia/network/ddi-rule-4646
    DDI RULE 4642 POSSIBLE HTTP HEADER OGNL EXPRESSION EXPLOIT - HTTP(REQUEST)
    2021/12/21DDI RULE 4642/vinfo/au/threat-encyclopedia/network/ddi-rule-4642
    DDI RULE 4644 POSSIBLE HTTP URI OGNL EXPRESSION EXPLOIT - HTTP (REQUEST) - Variant 3
    2021/12/18DDI RULE 4644/vinfo/au/threat-encyclopedia/network/ddi-rule-4644
    DDI RULE 4643 POSSIBLE HTTP BODY OGNL EXPRESSION EXPLOIT - HTTP (REQUEST) - Variant 2
    2021/12/13DDI RULE 4643/vinfo/au/threat-encyclopedia/network/ddi-rule-4643
    DDI RULE 4639 CVE-2019-5544 - VMWARE OPENSLP RCE EXPLOIT - UDP(REQUEST)
    2021/12/02DDI RULE 4639/vinfo/au/threat-encyclopedia/network/ddi-rule-4639
    DDI RULE 4640 CVE-2021-42321 - EXCHANGE RCE EXPLOIT - HTTP(REQUEST)
    2021/11/26DDI RULE 4640/vinfo/au/threat-encyclopedia/network/ddi-rule-4640
    DDI RULE 4638 BAZARLOADER - DNS(RESPONSE)
    2021/11/17DDI RULE 4638/vinfo/au/threat-encyclopedia/network/ddi-rule-4638
    DDI RULE 4637 BAZARLOADER - HTTP(RESPONSE)
    2021/11/15DDI RULE 4637/vinfo/au/threat-encyclopedia/network/ddi-rule-4637
    DDI RULE 4636 QAKBOT - SMTP(REQUEST)
    2021/11/10DDI RULE 4636/vinfo/au/threat-encyclopedia/network/ddi-rule-4636
    DDI RULE 4635 QAKBOT - HTTP (RESPONSE) - Variant 2
    2021/11/02DDI RULE 4635/vinfo/au/threat-encyclopedia/network/ddi-rule-4635
    DDI RULE 4634 Encryption Channel - HTTP(Request)
    2021/10/27DDI RULE 4634/vinfo/au/threat-encyclopedia/network/ddi-rule-4634
    DDI RULE 4257 ANTSWORD - HTTP (Request) - Variant 2
    2021/10/18DDI RULE 4257/vinfo/au/threat-encyclopedia/network/ddi-rule-4257
    DDI RULE 2889 ANTSWORD - HTTP (Request)
    2021/10/18DDI RULE 2889/vinfo/au/threat-encyclopedia/network/ddi-rule-2889
    DDI RULE 40 Unregistered service
    2021/10/18DDI RULE 40/vinfo/au/threat-encyclopedia/network/ddi-rule-40
    DDI RULE 4633 CVE-2021-41773 - APACHE TRAVERSAL RCE EXPLOIT - HTTP(REQUEST)
    2021/10/13DDI RULE 4633/vinfo/au/threat-encyclopedia/network/ddi-rule-4633
    DDI RULE 4632 ZLOADER - DNS(RESPONSE)
    2021/10/12 DDI RULE 4632 /vinfo/au/threat-encyclopedia/network/ddi-rule-4632
    DDI RULE 4631 DULLDOWN - HTTP(REQUEST)
    2021/10/11 DDI RULE 4631 /vinfo/au/threat-encyclopedia/network/ddi-rule-4631
    DDI RULE 1063 APT - DARKCOMET - TCP
    2021/10/07 DDI RULE 1063 /vinfo/au/threat-encyclopedia/network/ddi-rule-1063
    DDI RULE 4604 PETITPOTAM EFS NTLM RELAY ATTACK - SMB2(RESPONSE)
    2021/10/06 DDI RULE 4604 /vinfo/au/threat-encyclopedia/network/ddi-rule-4604
    DDI RULE 4485 CVE-2020-14882 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request)
    2021/10/04 DDI RULE 4485 /vinfo/au/threat-encyclopedia/network/ddi-rule-4485
    DDI RULE 4630 CVE-2021-22005 VCENTER DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2021/09/29 DDI RULE 4630 /vinfo/au/threat-encyclopedia/network/ddi-rule-4630
    DDI RULE 4629 TRANSFER BASE64ENCODE PE FILE - HTTP(RESPONSE)
    2021/09/27 DDI RULE 4629 /vinfo/au/threat-encyclopedia/network/ddi-rule-4629
    DDI RULE 4528 Possible Wget Commandline Injection
    2021/09/21 DDI RULE 4528 /vinfo/au/threat-encyclopedia/network/ddi-rule-4528
    DDI RULE 4627 BLACKMATTER - HTTP(REQUEST)
    2021/09/20 DDI RULE 4627 /vinfo/au/threat-encyclopedia/network/ddi-rule-4627
    DDI RULE 4628 POWEMUDDY - HTTP(REQUEST)
    2021/09/16 DDI RULE 4628 /vinfo/au/threat-encyclopedia/network/ddi-rule-4628
    DDI RULE 4625 Possible HTTP SMUGGLING - HTTP(REQUEST)
    2021/09/16 DDI RULE 4625 /vinfo/au/threat-encyclopedia/network/ddi-rule-4625
    DDI RULE 4626 DONOFF - DNS(RESPONSE)
    2021/09/14 DDI RULE 4626 /vinfo/au/threat-encyclopedia/network/ddi-rule-4626
    DDI RULE 4152 COBALTSTRIKE - HTTP (Response)
    2021/09/14 DDI RULE 4152 /vinfo/au/threat-encyclopedia/network/ddi-rule-4152
    DDI RULE 4624 CVE-2021-31207 - EXCHANGE EXPLOIT - HTTP(RESPONSE)
    2021/09/08 DDI RULE 4624 /vinfo/au/threat-encyclopedia/network/ddi-rule-4624
    DDI RULE 4623 CVE-2021-26084 - CONFLUENCE OGNL RCE EXPLOIT - HTTP(REQUEST)
    2021/09/07 DDI RULE 4623 /vinfo/au/threat-encyclopedia/network/ddi-rule-4623
    DDI RULE 4621 CVE-2021-37161 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request)
    2021/09/06 DDI RULE 4621 /vinfo/au/threat-encyclopedia/network/ddi-rule-4621
    DDI RULE 4622 CVE-2021-37164 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request)
    2021/09/06 DDI RULE 4622 /vinfo/au/threat-encyclopedia/network/ddi-rule-4622
    DDI RULE 2184 Possible Successful Logon Connection - RDP (Request)
    2021/09/06 DDI RULE 2184 /vinfo/au/threat-encyclopedia/network/ddi-rule-2184
    DDI RULE 1200 Possible SYN Flood Detected
    2021/09/06 DDI RULE 1200 /vinfo/au/threat-encyclopedia/network/ddi-rule-1200
    DDI RULE 4558 REDLINE - HTTP (REQUEST)
    2021/09/02 DDI RULE 4558 /vinfo/au/threat-encyclopedia/network/ddi-rule-4558
    DDI RULE 4620 CVE-2021-22123 - FORTINET RCE - HTTP(EXPLOIT)
    2021/08/31 DDI RULE 4620 /vinfo/au/threat-encyclopedia/network/ddi-rule-4620
    DDI RULE 4342 CVE-2020-7247 - OPENSMTPD RCE EXPLOIT - SMTP (REQUEST)
    2021/08/26 DDI RULE 4342 /vinfo/au/threat-encyclopedia/network/ddi-rule-4342
    DDI RULE 4618 ICEID - HTTP(REQUEST)
    2021/08/25 DDI RULE 4618 /vinfo/au/threat-encyclopedia/network/ddi-rule-4618
    DDI RULE 4619 NEGASTEAL - FTP(REQUEST)
    2021/08/23 DDI RULE 4619 /vinfo/au/threat-encyclopedia/network/ddi-rule-4619
    DDI RULE 4617 SIP POSSIBLE BRUTEFORCE - UDP(RESPONSE)
    2021/08/23 DDI RULE 4617 /vinfo/au/threat-encyclopedia/network/ddi-rule-4617
    DDI RULE 4576 CVE-2021-31166 - HTTP Protocol RCE Exploit - HTTP (REQUEST)
    2021/08/23 DDI RULE 4576 /vinfo/au/threat-encyclopedia/network/ddi-rule-4576
    DDI RULE 4616 POSSIBLE ZEPPELIN - HTTP(REQUEST)
    2021/08/19 DDI RULE 4616 /vinfo/au/threat-encyclopedia/network/ddi-rule-4616
    DDI RULE 4615 ZEPPELIN - HTTP(REQUEST)
    2021/08/18 DDI RULE 4615 /vinfo/au/threat-encyclopedia/network/ddi-rule-4615
    DDI RULE 4612 MGCP POSSIBLE EXFIL - UDP(REQUEST)
    2021/08/18 DDI RULE 4612 /vinfo/au/threat-encyclopedia/network/ddi-rule-4612
    DDI RULE 4614 SNMP POSSIBLE BRUTEFORCE - UDP(REQUEST)
    2021/08/17 DDI RULE 4614 /vinfo/au/threat-encyclopedia/network/ddi-rule-4614
    DDI RULE 4613 CVE-2021-31195 - EXCHANGE XSS - HTTP(EXPLOIT)
    2021/08/16 DDI RULE 4613 /vinfo/au/threat-encyclopedia/network/ddi-rule-4613
    DDI RULE 4593 CVE-2021-34473 - EXCHANGE SSRF EXPLOIT - HTTP(REQUEST)
    2021/08/12 DDI RULE 4593 /vinfo/au/threat-encyclopedia/network/ddi-rule-4593
    DDI RULE 4611 CVE-2021-26432 - NFS BUFFEROVERLOW EXPLOIT - UDP(REQUEST)
    2021/08/11 DDI RULE 4611 /vinfo/au/threat-encyclopedia/network/ddi-rule-4611
    DDI RULE 4589 Possible CVE-2021-34527 - Windows Print Spooler RCE - DCE (Request)
    2021/08/10 DDI RULE 4589 /vinfo/au/threat-encyclopedia/network/ddi-rule-4589
    DDI RULE 4602 NBT-NS Query Response
    2021/08/05 DDI RULE 4602 /vinfo/au/threat-encyclopedia/network/ddi-rule-4602
    DDI RULE 4605 PAYLOADBIN - HTTP(REQUEST)
    2021/08/03 DDI RULE 4605 /vinfo/au/threat-encyclopedia/network/ddi-rule-4605
    DDI RULE 4601 LLMNR Query Response
    2021/07/29 DDI RULE 4601 /vinfo/au/threat-encyclopedia/network/ddi-rule-4601
    DDI RULE 4603 ApexOne File Upload Exploit- HTTP(REQUEST)
    2021/07/27 DDI RULE 4603 /vinfo/au/threat-encyclopedia/network/ddi-rule-4603
    DDI RULE 4594 COBALTSTRIKE - HTTP(REQUEST) - Variant 3
    2021/07/27 DDI RULE 4594 /vinfo/au/threat-encyclopedia/network/ddi-rule-4594
    DDI RULE 4597 HACKADEMY - HTTP(RESPONSE)
    2021/07/21 DDI RULE 4597 /vinfo/au/threat-encyclopedia/network/ddi-rule-4597
    DDI RULE 4598 CVE-2021-3129 - LARAVEL RCE EXPLOIT - HTTP(REQUEST)
    2021/07/21 DDI RULE 4598 /vinfo/au/threat-encyclopedia/network/ddi-rule-4598
    DDI RULE 4596 LOADSELL - HTTP(REQUEST)
    2021/07/20 DDI RULE 4596 /vinfo/au/threat-encyclopedia/network/ddi-rule-4596
    DDI RULE 4595 NJRAT - TCP (REQUEST) - Variant 2
    2021/07/19 DDI RULE 4595 /vinfo/au/threat-encyclopedia/network/ddi-rule-4595
    DDI RULE 4531 RPC SECRETSDUMP DCSYNC - DCE (REQUEST)
    2021/07/19 DDI RULE 4531 /vinfo/au/threat-encyclopedia/network/ddi-rule-4531
    DDI RULE 4581 STOP - HTTP (REQUEST)
    2021/07/15 DDI RULE 4581 /vinfo/au/threat-encyclopedia/network/ddi-rule-4581
    DDI RULE 4592 REDLINE - HTTP(RESPONSE)
    2021/07/14 DDI RULE 4592 /vinfo/au/threat-encyclopedia/network/ddi-rule-4592
    DDI RULE 4588 Possible CVE-2021-34527 - Windows Print Spooler RCE - SMB (Request)
    2021/07/12 DDI RULE 4588 /vinfo/au/threat-encyclopedia/network/ddi-rule-4588
    DDI RULE 4591 REVIL - HTTP(REQUEST)
    2021/07/12 DDI RULE 4591 /vinfo/au/threat-encyclopedia/network/ddi-rule-4591
    DDI RULE 1109 TDSS - HTTP (Request)
    2021/07/01 DDI RULE 1109 /vinfo/au/threat-encyclopedia/network/ddi-rule-1109
    DDI RULE 4483 Remote Access Tool - VNC (Request)
    2021/06/23 DDI RULE 4483 /vinfo/au/threat-encyclopedia/network/ddi-rule-4483
    DDI RULE 4587 REVENGERAT - TCP(REQUEST)
    2021/06/21 DDI RULE 4587 /vinfo/au/threat-encyclopedia/network/ddi-rule-4587
    DDI RULE 2007 URSNIF - HTTP (Request) - Variant 3
    2021/06/17 DDI RULE 2007 /vinfo/au/threat-encyclopedia/network/ddi-rule-2007
    DDI RULE 4586 Remote Tools Certificate - SSL
    2021/06/15 DDI RULE 4586 /vinfo/au/threat-encyclopedia/network/ddi-rule-4586
    DDI RULE 4583 CVE-2021-21985 - VMWARE VSAN PLUGIN RCE EXPLOIT - HTTP (REQUEST)
    2021/06/07 DDI RULE 4583 /vinfo/au/threat-encyclopedia/network/ddi-rule-4583
    DDI RULE 4584 Malicious Certificate SHA1 Hash - SSL
    2021/06/03 DDI RULE 4584 /vinfo/au/threat-encyclopedia/network/ddi-rule-4584
    DDI RULE 4585 CVE-2017-12617 - APACHE TOMCAT PUT METHOD RCE - HTTP (REQUEST)
    2021/06/03 DDI RULE 4585 /vinfo/au/threat-encyclopedia/network/ddi-rule-4585
    DDI RULE 4582 LEMON DUCK - HTTP (REQUEST)
    2021/06/03 DDI RULE 4582 /vinfo/au/threat-encyclopedia/network/ddi-rule-4582
    DDI RULE 4571 Possible Suspicious Named Pipe - SMB2 (REQUEST)
    2021/05/28 DDI RULE 4571 /vinfo/au/threat-encyclopedia/network/ddi-rule-4571
    DDI RULE 4580 PROMETEI - HTTP (REQUEST)
    2021/05/27 DDI RULE 4580 /vinfo/au/threat-encyclopedia/network/ddi-rule-4580
    DDI RULE 4579 DENES - DNS (RESPONSE)
    2021/05/26 DDI RULE 4579 /vinfo/au/threat-encyclopedia/network/ddi-rule-4579
    DDI RULE 4572 GLUPTEBA - HTTP (REQUEST)
    2021/05/25 DDI RULE 4572 /vinfo/au/threat-encyclopedia/network/ddi-rule-4572
    DDI RULE 4577 MAGNIBER EK for Internet Explorer - HTTP (RESPONSE)
    2021/05/24 DDI RULE 4577 /vinfo/au/threat-encyclopedia/network/ddi-rule-4577
    DDI RULE 4578 CVE-2021-28482 - MS EXCHANGE DESERIALIZATION RCE EXPLOIT - HTTP (REQUEST)
    2021/05/20 DDI RULE 4578 /vinfo/au/threat-encyclopedia/network/ddi-rule-4578
    DDI RULE 4575 DENES - HTTP (REQUEST)
    2021/05/20 DDI RULE 4575 /vinfo/au/threat-encyclopedia/network/ddi-rule-4575
    DDI RULE 1541 EMOTET - HTTP (Request)
    2021/05/18 DDI RULE 1541 /vinfo/au/threat-encyclopedia/network/ddi-rule-1541
    DDI RULE 2348 CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)
    2021/05/12 DDI RULE 2348 /vinfo/au/threat-encyclopedia/network/ddi-rule-2348
    DDI RULE 1642 CVE-2014-6278 - SHELLSHOCK HTTP Exploit
    2021/05/12 DDI RULE 1642 /vinfo/au/threat-encyclopedia/network/ddi-rule-1642
    DDI RULE 1618 CVE-2014-6271 - Shellshock HTTP Request
    2021/05/12 DDI RULE 1618 /vinfo/au/threat-encyclopedia/network/ddi-rule-1618
    DDI RULE 4573 CVE-2021-31181 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST)
    2021/05/12 DDI RULE 4573 /vinfo/au/threat-encyclopedia/network/ddi-rule-4573
    DDI RULE 4569 CVE-2021-27065 - MS EXCHANGE FILE WRITE RCE EXPLOIT - HTTP (REQUEST)
    2021/05/11 DDI RULE 4569 /vinfo/au/threat-encyclopedia/network/ddi-rule-4569
    DDI RULE 2034 RANSOM CRYPTESLA - HTTP (Request) - Variant 5
    2021/05/11 DDI RULE 2034 /vinfo/au/threat-encyclopedia/network/ddi-rule-2034
    DDI RULE 2117 DEMOCRY - Ransomware - HTTP (Request)
    2021/05/11 DDI RULE 2117 /vinfo/au/threat-encyclopedia/network/ddi-rule-2117
    DDI RULE 4567 BOXTER - HTTP (RESPONSE)
    2021/05/06 DDI RULE 4567 /vinfo/au/threat-encyclopedia/network/ddi-rule-4567
    DDI RULE 4568 BOXTER - HTTP (REQUEST)
    2021/05/06 DDI RULE 4568 /vinfo/au/threat-encyclopedia/network/ddi-rule-4568
    DDI RULE 4565 CVE-2021-24085 - EXCHANGE CSRF EXPLOIT - HTTP (REQUEST)
    2021/05/06 DDI RULE 4565 /vinfo/au/threat-encyclopedia/network/ddi-rule-4565
    DDI RULE 2786 ThinkPHP 5x Remote Code Execution - HTTP (Request)
    2021/05/04 DDI RULE 2786 /vinfo/au/threat-encyclopedia/network/ddi-rule-2786
    DDI RULE 4566 CVE-2020-17047 - Network File System RPC DOS EXPLOIT - TCP (REQUEST)
    2021/05/03 DDI RULE 4566 /vinfo/au/threat-encyclopedia/network/ddi-rule-4566
    DDI RULE 4564 CVE-2020-8243 - PULSE RCE EXPLOIT - HTTP (REQUEST)
    2021/04/29 DDI RULE 4564 /vinfo/au/threat-encyclopedia/network/ddi-rule-4564
    DDI RULE 4560 CVE-2021-20023 - SONICWALL DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2021/04/28 DDI RULE 4560 /vinfo/au/threat-encyclopedia/network/ddi-rule-4560
    DDI RULE 4562 CVE-2019-9670 - ZIMBRA SUITE XXE EXPLOIT - HTTP (REQUEST)
    2021/04/28 DDI RULE 4562 /vinfo/au/threat-encyclopedia/network/ddi-rule-4562
    DDI RULE 4563 CVE-2020-8260 - PULSE RCE EXPLOIT - HTTP (REQUEST)
    2021/04/26 DDI RULE 4563 /vinfo/au/threat-encyclopedia/network/ddi-rule-4563
    DDI RULE 4561 CVE-2020-4006 - VMWARE CONFIGURATOR COMMAND INJECTION - HTTP (REQUEST)
    2021/04/26 DDI RULE 4561 /vinfo/au/threat-encyclopedia/network/ddi-rule-4561
    DDI RULE 4559 CVE-2019-11510 - PULSE INFORMATION DISCLOSURE - HTTP (REQUEST)
    2021/04/26 DDI RULE 4559 /vinfo/au/threat-encyclopedia/network/ddi-rule-4559
    DDI RULE 4551 CVE-2021-21975 - VREALIZE API SSRF EXPLOIT - HTTP (REQUEST)
    2021/04/21 DDI RULE 4551 /vinfo/au/threat-encyclopedia/network/ddi-rule-4551
    DDI RULE 4557 PANDASTEALER - HTTP (REQUEST)
    2021/04/21 DDI RULE 4557 /vinfo/au/threat-encyclopedia/network/ddi-rule-4557
    DDI RULE 4550 POSSIBLE PASSWORD SPRAY - LDAP (RESPONSE)
    2021/04/19 DDI RULE 4550 /vinfo/au/threat-encyclopedia/network/ddi-rule-4550
    DDI RULE 4555 CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST)
    2021/04/19 DDI RULE 4555 /vinfo/au/threat-encyclopedia/network/ddi-rule-4555
    DDI RULE 4556 Possible CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST)
    2021/04/19 DDI RULE 4556 /vinfo/au/threat-encyclopedia/network/ddi-rule-4556
    DDI RULE 4553 CVE-2018-13379 - FORTIOS DIRECTORY TRAVERSAL - HTTP (REQUEST)
    2021/04/15 DDI RULE 4553 /vinfo/au/threat-encyclopedia/network/ddi-rule-4553
    DDI RULE 4554 RCLONE - HTTP (REQUEST)
    2021/04/15 DDI RULE 4554 /vinfo/au/threat-encyclopedia/network/ddi-rule-4554
    DDI RULE 1561 APT - PLUGX Malformed request - DNS
    2021/04/15 DDI RULE 1561 /vinfo/au/threat-encyclopedia/network/ddi-rule-1561
    DDI RULE 4552 CVE-2021-21983 - VREALIZE API FILE RCE EXPLOIT - HTTP (REQUEST)
    2021/04/13 DDI RULE 4552 /vinfo/au/threat-encyclopedia/network/ddi-rule-4552
    DDI RULE 4548 GET2 LOADER - HTTP (Request)
    2021/04/07 DDI RULE 4548 /vinfo/au/threat-encyclopedia/network/ddi-rule-4548
    DDI RULE 4549 CHOPPER - HTTP (Response)
    2021/04/07 DDI RULE 4549 /vinfo/au/threat-encyclopedia/network/ddi-rule-4549
    DDI RULE 4547 SDBOT - TCP (REQUEST)
    2021/04/05 DDI RULE 4547 /vinfo/au/threat-encyclopedia/network/ddi-rule-4547
    DDI RULE 4543 CVE-2021-25274 - Solarwinds Orion Remote Code Execution Exploit - TCP (REQUEST)
    2021/03/25 DDI RULE 4543 /vinfo/au/threat-encyclopedia/network/ddi-rule-4543
    DDI RULE 4544 CVE-2021-27561 - YEALINK RCE EXPLOIT - HTTP (REQUEST)
    2021/03/25 DDI RULE 4544 /vinfo/au/threat-encyclopedia/network/ddi-rule-4544
    DDI RULE 4545 CVE-2021-22502 - MICROFOCUS RCE EXPLOIT - HTTP (REQUEST)
    2021/03/25 DDI RULE 4545 /vinfo/au/threat-encyclopedia/network/ddi-rule-4545
    DDI RULE 4546 QUASAR - TCP (RESPONSE)
    2021/03/25 DDI RULE 4546 /vinfo/au/threat-encyclopedia/network/ddi-rule-4546
    DDI RULE 4456 File Upload through SMB or SMB2
    2021/03/24 DDI RULE 4456 /vinfo/au/threat-encyclopedia/network/ddi-rule-4456
    DDI RULE 4457 File Download through SMB or SMB2
    2021/03/24 DDI RULE 4457 /vinfo/au/threat-encyclopedia/network/ddi-rule-4457
    DDI RULE 4539 CVE-2020-17530 - APACHE STRUTS OGNL RCE EXPLOIT - HTTP (REQUEST)
    2021/03/24 DDI RULE 4539 /vinfo/au/threat-encyclopedia/network/ddi-rule-4539
    DDI RULE 4540 CVE-2021-22991 - F5 BIG-IP TSM BUFFER OVERFLOW EXPLOIT - HTTP(REQUEST)
    2021/03/24 DDI RULE 4540 /vinfo/au/threat-encyclopedia/network/ddi-rule-4540
    DDI RULE 4541 CVE-2021-22992 - F5 BIG-IP ASM BUFFER OVERFLOW EXPLOIT - HTTP(RESPONSE)
    2021/03/24 DDI RULE 4541 /vinfo/au/threat-encyclopedia/network/ddi-rule-4541
    DDI RULE 4542 CVE-2021-22986 - F5 BIG-IP iCONTROL RCE EXPLOIT - HTTP(REQUEST)
    2021/03/24 DDI RULE 4542 /vinfo/au/threat-encyclopedia/network/ddi-rule-4542
    DDI RULE 4538 CVE-2020-17518 - APACHE FLINK DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2021/03/23 DDI RULE 4538 /vinfo/au/threat-encyclopedia/network/ddi-rule-4538
    DDI RULE 2598 PsExec PETYA - Ransomware - SMB2
    2021/03/23 DDI RULE 2598 /vinfo/au/threat-encyclopedia/network/ddi-rule-2598
    DDI RULE 4516 MESTRE - IRC (REQUEST)
    2021/03/23 DDI RULE 4516 /vinfo/au/threat-encyclopedia/network/ddi-rule-4516
    DDI RULE 2021 NUCLEAR - Exploit kit - HTTP (Request) - Variant 3
    2021/03/22 DDI RULE 2021 /vinfo/au/threat-encyclopedia/network/ddi-rule-2021
    DDI RULE 4504 LOKIBOT - HTTP (REQUEST)
    2021/03/18 DDI RULE 4504 /vinfo/au/threat-encyclopedia/network/ddi-rule-4504
    DDI RULE 4239 CVE-2019-16759 - VBulletin Remote Command Execution - HTTP (Request)
    2021/03/17 DDI RULE 4239 /vinfo/au/threat-encyclopedia/network/ddi-rule-4239
    DDI RULE 4536 APT - MANGZAMEL - TCP (Request)
    2021/03/17 DDI RULE 4536 /vinfo/au/threat-encyclopedia/network/ddi-rule-4536
    DDI RULE 4537 CVE-2020-5847 - UNRAID RCE EXPLOIT - HTTP (REQUEST)
    2021/03/16 DDI RULE 4537 /vinfo/au/threat-encyclopedia/network/ddi-rule-4537
    DDI RULE 4525 CVE-2021-21972 - VSPHERE RCE EXPLOIT - HTTP (REQUEST)
    2021/03/16 DDI RULE 4525 /vinfo/au/threat-encyclopedia/network/ddi-rule-4525
    DDI RULE 4529 APT - REMOTE EXECUTION ZABBIX - TCP (REQUEST)
    2021/03/16 DDI RULE 4529 /vinfo/au/threat-encyclopedia/network/ddi-rule-4529
    DDI RULE 4530 DCERPC WMIEXECPY - (REQUEST)
    2021/03/16 DDI RULE 4530 /vinfo/au/threat-encyclopedia/network/ddi-rule-4530
    DDI RULE 4533 CVE-2021-26877 - RCE EXPLOIT - DNS (REQUEST)
    2021/03/15 DDI RULE 4533 /vinfo/au/threat-encyclopedia/network/ddi-rule-4533
    DDI RULE 4534 CVE-2021-26897 - OVER TCP RCE EXPLOIT - DNS (REQUEST)
    2021/03/15 DDI RULE 4534 /vinfo/au/threat-encyclopedia/network/ddi-rule-4534
    DDI RULE 4535 CVE-2021-27076 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST)
    2021/03/15 DDI RULE 4535 /vinfo/au/threat-encyclopedia/network/ddi-rule-4535
    DDI RULE 2057 CRYDAP - Ransomware - HTTP (Request)
    2021/03/11 DDI RULE 2057 /vinfo/au/threat-encyclopedia/network/ddi-rule-2057
    DDI RULE 2452 Wget Commandline Injection
    2021/03/10 DDI RULE 2452 /vinfo/au/threat-encyclopedia/network/ddi-rule-2452
    DDI RULE 4526 DEWMODE - HTTP (REQUEST)
    2021/03/10 DDI RULE 4526 /vinfo/au/threat-encyclopedia/network/ddi-rule-4526
    DDI RULE 4527 CVE-2021-26855 - Exchange Server Side Request Forgery Exploit SB - HTTP (REQUEST)
    2021/03/09 DDI RULE 4527 /vinfo/au/threat-encyclopedia/network/ddi-rule-4527
    DDI RULE 4523 Fobushell - HTTP (Request)
    2021/03/03 DDI RULE 4523 /vinfo/au/threat-encyclopedia/network/ddi-rule-4523
    DDI RULE 4524 Possible Renamed PSEXEC Service - SMB2 (Request)
    2021/03/03 DDI RULE 4524 /vinfo/au/threat-encyclopedia/network/ddi-rule-4524
    DDI RULE 4522 CVE-2021-24072 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST)
    2021/02/15 DDI RULE 4522 /vinfo/au/threat-encyclopedia/network/ddi-rule-4522
    DDI RULE 4520 CVE-2021-24078 - Remote Comand Execution Exploit - DNS (RESPONSE)
    2021/02/11 DDI RULE 4520 /vinfo/au/threat-encyclopedia/network/ddi-rule-4520
    DDI RULE 4521 CVE-2021-1707 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST)
    2021/02/11 DDI RULE 4521 /vinfo/au/threat-encyclopedia/network/ddi-rule-4521
    DDI RULE 2472 CARBANAK - DNS (Response)
    2021/02/11 DDI RULE 2472 /vinfo/au/threat-encyclopedia/network/ddi-rule-2472
    DDI RULE 1542 Possible CONFICKER DNS Response
    2021/02/11 DDI RULE 1542 /vinfo/au/threat-encyclopedia/network/ddi-rule-1542
    DDI RULE 1543 Possible CRILOCK DNS Response
    2021/02/11 DDI RULE 1543 /vinfo/au/threat-encyclopedia/network/ddi-rule-1543
    DDI RULE 1544 Possible CAPHAW DNS Response
    2021/02/11 DDI RULE 1544 /vinfo/au/threat-encyclopedia/network/ddi-rule-1544
    DDI RULE 4518 Possible NAT Slipstreaming - TCP (Request)
    2021/02/10 DDI RULE 4518 /vinfo/au/threat-encyclopedia/network/ddi-rule-4518
    DDI RULE 4519 COBALTSTRIKE - HTTPS (REQUEST)
    2021/02/09 DDI RULE 4519 /vinfo/au/threat-encyclopedia/network/ddi-rule-4519
    DDI RULE 2544 JAWS Remote Code Execution Exploit - HTTP (Request)
    2021/02/09 DDI RULE 2544 /vinfo/au/threat-encyclopedia/network/ddi-rule-2544
    DDI RULE 4517 TORRENTLOCKER - HTTPS (REQUEST)
    2021/02/02 DDI RULE 4517 /vinfo/au/threat-encyclopedia/network/ddi-rule-4517
    DDI RULE 4512 TRICKBOT - HTTPS (REQUEST)
    2021/02/02 DDI RULE 4512 /vinfo/au/threat-encyclopedia/network/ddi-rule-4512
    DDI RULE 4513 EMPIRE - HTTPS (REQUEST)
    2021/02/01 DDI RULE 4513 /vinfo/au/threat-encyclopedia/network/ddi-rule-4513
    DDI RULE 4514 METASPLOIT - HTTPS (REQUEST) - Malicious SSL Connection
    2021/02/01 DDI RULE 4514 /vinfo/au/threat-encyclopedia/network/ddi-rule-4514
    DDI RULE 4515 QAKBOT - HTTP (RESPONSE)
    2021/02/01 DDI RULE 4515 /vinfo/au/threat-encyclopedia/network/ddi-rule-4515
    DDI RULE 4506 CVE-2021-2109 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request)
    2021/01/28 DDI RULE 4506 /vinfo/au/threat-encyclopedia/network/ddi-rule-4506
    DDI RULE 4507 GOOTKIT - HTTPS (REQUEST)
    2021/01/28 DDI RULE 4507 /vinfo/au/threat-encyclopedia/network/ddi-rule-4507
    DDI RULE 4508 GOZI - HTTPS (REQUEST)
    2021/01/28 DDI RULE 4508 /vinfo/au/threat-encyclopedia/network/ddi-rule-4508
    DDI RULE 4509 CVE-2019-11229 - Gitea Remote Code Execution Exploit - HTTP (Request)
    2021/01/28 DDI RULE 4509 /vinfo/au/threat-encyclopedia/network/ddi-rule-4509
    DDI RULE 4510 RANSOM TROLDESH - HTTPS (REQUEST)
    2021/01/28 DDI RULE 4510 /vinfo/au/threat-encyclopedia/network/ddi-rule-4510
    DDI RULE 4511 QUAKBOT - HTTPS (REQUEST)
    2021/01/28 DDI RULE 4511 /vinfo/au/threat-encyclopedia/network/ddi-rule-4511
    DDI RULE 4502 DRIDEX - HTTPS (REQUEST)
    2021/01/27 DDI RULE 4502 /vinfo/au/threat-encyclopedia/network/ddi-rule-4502
    DDI RULE 4505 RANSOM CRYPTOLOCK - HTTPS (REQUEST)
    2021/01/27 DDI RULE 4505 /vinfo/au/threat-encyclopedia/network/ddi-rule-4505
    DDI RULE 4503 SILENTNIGHT- ZLOADER - HTTP(RESPONSE)
    2021/01/26 DDI RULE 4503 /vinfo/au/threat-encyclopedia/network/ddi-rule-4503
    DDI RULE 4498 Sanfor EDR Remote Code Execution Exploit - HTTP (Request)
    2021/01/25 DDI RULE 4498 /vinfo/au/threat-encyclopedia/network/ddi-rule-4498
    DDI RULE 4467 APT - WATERTIGER - HTTP (Response)
    2021/01/25 DDI RULE 4467 /vinfo/au/threat-encyclopedia/network/ddi-rule-4467
    DDI RULE 4501 Too many FTP Error Code 421 - FTP (Response)
    2021/01/20 DDI RULE 4501 /vinfo/au/threat-encyclopedia/network/ddi-rule-4501
    DDI RULE 4490 XML External Entity File Disclosure - HTTP (Request)
    2021/01/13 DDI RULE 4490 /vinfo/au/threat-encyclopedia/network/ddi-rule-4490
    DDI RULE 1816 GATAK - HTTP (Request) - Variant 2
    2021/01/11 DDI RULE 1816 /vinfo/au/threat-encyclopedia/network/ddi-rule-1816
    DDI RULE 4499 Top-App LB SQL Injection Exploit - HTTP (Request)
    2020/12/29 DDI RULE 4499 /vinfo/au/threat-encyclopedia/network/ddi-rule-4499
    DDI RULE 4500 GRP-u8 SQL Injection - HTTP (Request)
    2020/12/28 DDI RULE 4500 /vinfo/au/threat-encyclopedia/network/ddi-rule-4500
    DDI RULE 4497 SQL Injection Exploit - HTTP (Request) - Variant 2
    2020/12/28 DDI RULE 4497 /vinfo/au/threat-encyclopedia/network/ddi-rule-4497
    DDI RULE 4494 CVE-2020-17051 - NFS Exploit - UDP (REQUEST)
    2020/12/23 DDI RULE 4494 /vinfo/au/threat-encyclopedia/network/ddi-rule-4494
    DDI RULE 4495 Potential Social Security Info on TXT/CSV attachment - HTTP (Request)
    2020/12/23 DDI RULE 4495 /vinfo/au/threat-encyclopedia/network/ddi-rule-4495
    DDI RULE 4496 Potential Credit Card Info on TXT/CSV attachment - HTTP (Request)
    2020/12/23 DDI RULE 4496 /vinfo/au/threat-encyclopedia/network/ddi-rule-4496
    DDI RULE 4453 CVE-2020-1472 - Zerologon Privilege Escalation - DCERPC (Request)
    2020/12/23 DDI RULE 4453 /vinfo/au/threat-encyclopedia/network/ddi-rule-4453
    DDI RULE 4493 CVE-2020-17121 - SHAREPOINT RCE EXPLOIT - HTTP (Request)
    2020/12/21 DDI RULE 4493 /vinfo/au/threat-encyclopedia/network/ddi-rule-4493
    DDI RULE 4492 SUPERNOVA WEBSHELL - HTTP (RESPONSE)
    2020/12/17 DDI RULE 4492 /vinfo/au/threat-encyclopedia/network/ddi-rule-4492
    DDI RULE 4491 SUNBURST - DNS (RESPONSE)
    2020/12/15 DDI RULE 4491 /vinfo/au/threat-encyclopedia/network/ddi-rule-4491
    DDI RULE 4486 CVE-2020-11974 - Apache DolphinScheduler Remote Code Execution Exploit - HTTP (Request)
    2020/12/15 DDI RULE 4486 /vinfo/au/threat-encyclopedia/network/ddi-rule-4486
    DDI RULE 4487 CVE-2020-5791 - Nagios XI Command Injection - HTTP (Request)
    2020/12/15 DDI RULE 4487 /vinfo/au/threat-encyclopedia/network/ddi-rule-4487
    DDI RULE 4488 CVE-2020-5398 - Spring Framework Reflected File Download Exploit - HTTP (Request)
    2020/12/15 DDI RULE 4488 /vinfo/au/threat-encyclopedia/network/ddi-rule-4488
    DDI RULE 4489 CVE-2019-8394 - ZOHO FILEUPLOAD EXPLOIT - HTTP (REQUEST)
    2020/12/14 DDI RULE 4489 /vinfo/au/threat-encyclopedia/network/ddi-rule-4489
    DDI RULE 4482 Browser Exploitation Framework Tool - HTTP (Request)
    2020/12/14 DDI RULE 4482 /vinfo/au/threat-encyclopedia/network/ddi-rule-4482
    DDI RULE 4484 GOLDENSPY - HTTP (REQUEST)
    2020/12/14 DDI RULE 4484 /vinfo/au/threat-encyclopedia/network/ddi-rule-4484
    DDI RULE 4447 Potential Credit Card Info on ICMP Echo - ICMP (Request)
    2020/12/14 DDI RULE 4447 /vinfo/au/threat-encyclopedia/network/ddi-rule-4447
    DDI RULE 1471 JACKPOS - HTTP (Request)
    2020/12/14 DDI RULE 1471 /vinfo/au/threat-encyclopedia/network/ddi-rule-1471
    DDI RULE 4481 SQL Injection Exploit - HTTP (Request)
    2020/12/03 DDI RULE 4481 /vinfo/au/threat-encyclopedia/network/ddi-rule-4481
    DDI RULE 2492 KARAGANY - HTTP (Request)
    2020/12/02 DDI RULE 2492 /vinfo/au/threat-encyclopedia/network/ddi-rule-2492
    DDI RULE 4478 CVE-2020-2551 - Oracle Weblogic Remote Code Execution Exploit - TCP (Request)
    2020/11/26 DDI RULE 4478 /vinfo/au/threat-encyclopedia/network/ddi-rule-4478
    DDI RULE 4479 NTLM v1 Authentication - SMB (Request)
    2020/11/24 DDI RULE 4479 /vinfo/au/threat-encyclopedia/network/ddi-rule-4479
    DDI RULE 4480 XXL-JOB Remote Code Execution Exploit - HTTP (REQUEST)
    2020/11/24 DDI RULE 4480 /vinfo/au/threat-encyclopedia/network/ddi-rule-4480
    DDI RULE 1706 LDAP SASL Connection Detected
    2020/11/19 DDI RULE 1706 /vinfo/au/threat-encyclopedia/network/ddi-rule-1706
    DDI RULE 4477 Remote System Discovery - LDAP (REQUEST) - Variant 2
    2020/11/11 DDI RULE 4477 /vinfo/au/threat-encyclopedia/network/ddi-rule-4477
    DDI RULE 2713 AVTECH Command Injection - Multiple Exploits - HTTP (Request)
    2020/11/10 DDI RULE 2713 /vinfo/au/threat-encyclopedia/network/ddi-rule-2713
    DDI RULE 4476 WOL- Wake on lan - UDP (REQUEST)
    2020/11/06 DDI RULE 4476 /vinfo/au/threat-encyclopedia/network/ddi-rule-4476
    DDI RULE 2018 DUNIHI HTTP Response
    2020/11/05 DDI RULE 2018 /vinfo/au/threat-encyclopedia/network/ddi-rule-2018
    DDI RULE 4474 File renamed - RYUK - Ransomware - SMB (Request)
    2020/11/03 DDI RULE 4474 /vinfo/au/threat-encyclopedia/network/ddi-rule-4474
    DDI RULE 4475 File renamed - RYUK - Ransomware - SMB2 (Request)
    2020/11/03 DDI RULE 4475 /vinfo/au/threat-encyclopedia/network/ddi-rule-4475
    DDI RULE 4473 MSXSL Code Execution - HTTP (Response)
    2020/11/02 DDI RULE 4473 /vinfo/au/threat-encyclopedia/network/ddi-rule-4473
    DDI RULE 4471 CVE-2016-4977 - Spring Security OAuth Remote Code Execution Exploit - HTTP (Request)
    2020/10/29 DDI RULE 4471 /vinfo/au/threat-encyclopedia/network/ddi-rule-4471
    DDI RULE 4472 POSSIBLE NGROK - HTTPS (REQUEST)
    2020/10/27 DDI RULE 4472 /vinfo/au/threat-encyclopedia/network/ddi-rule-4472
    DDI RULE 4470 CVE-2020-16952 - Microsoft SharePoint Remote Code Execution - HTTP (Request)
    2020/10/26 DDI RULE 4470 /vinfo/au/threat-encyclopedia/network/ddi-rule-4470
    DDI RULE 1068 APT - GHOSTRAT - TCP
    2020/10/26 DDI RULE 1068 /vinfo/au/threat-encyclopedia/network/ddi-rule-1068
    DDI RULE 4469 APT - COBALTSRIKE - HTTP (RESPONSE)
    2020/10/19 DDI RULE 4469 /vinfo/au/threat-encyclopedia/network/ddi-rule-4469
    DDI RULE 4222 PST File Upload
    2020/10/19 DDI RULE 4222 /vinfo/au/threat-encyclopedia/network/ddi-rule-4222
    DDI RULE 2247 DEMO RULE - SMB (Request)
    2020/10/19 DDI RULE 2247 /vinfo/au/threat-encyclopedia/network/ddi-rule-2247
    DDI RULE 2333 CVE-2017-0016 - Tree Connect Denial of Service Exploit - SMB2 (Response)
    2020/10/19 DDI RULE 2333 /vinfo/au/threat-encyclopedia/network/ddi-rule-2333
    DDI RULE 4468 CVE-2020-16898 - EXPLOIT - ICMPv6 (REQUEST)
    2020/10/15 DDI RULE 4468 /vinfo/au/threat-encyclopedia/network/ddi-rule-4468
    DDI RULE 4466 PsExec Clones - SMB2 (Request)
    2020/10/14 DDI RULE 4466 /vinfo/au/threat-encyclopedia/network/ddi-rule-4466
    DDI RULE 4465 Remote System Discovery - LSARPC (REQUEST)
    2020/10/08 DDI RULE 4465 /vinfo/au/threat-encyclopedia/network/ddi-rule-4465
    DDI RULE 4455 CVE-2020-1472 - Zerologon Privilege Escalation - SMB2 (Request)
    2020/10/08 DDI RULE 4455 /vinfo/au/threat-encyclopedia/network/ddi-rule-4455
    DDI RULE 4459 CVE-2020-1472 - Zerologon Privilege Escalation - SMB (Request)
    2020/10/08 DDI RULE 4459 /vinfo/au/threat-encyclopedia/network/ddi-rule-4459
    DDI RULE 4463 QAKBOT - Malicious Certificate - SSL - Variant 3
    2020/10/08 DDI RULE 4463 /vinfo/au/threat-encyclopedia/network/ddi-rule-4463
    DDI RULE 4300 WMI Command Execution - DCERPC (Request)
    2020/10/08 DDI RULE 4300 /vinfo/au/threat-encyclopedia/network/ddi-rule-4300
    DDI RULE 1022 WMI Remote Registry - DCERPC (Request)
    2020/10/08 DDI RULE 1022 /vinfo/au/threat-encyclopedia/network/ddi-rule-1022
    DDI RULE 2849 CVE-2019-9194-HTTP RCE - ELFINDER (Request)
    2020/10/07 DDI RULE 2849 /vinfo/au/threat-encyclopedia/network/ddi-rule-2849
    DDI RULE 4464 Remote System Discovery - LDAP (REQUEST)
    2020/10/07 DDI RULE 4464 /vinfo/au/threat-encyclopedia/network/ddi-rule-4464
    DDI RULE 4460 CVE-2017-17485 - Jackson Databind Remote Code Execution Exploit - HTTP (Request)
    2020/10/05 DDI RULE 4460 /vinfo/au/threat-encyclopedia/network/ddi-rule-4460
    DDI RULE 4461 CVE-2017-7504 - JBossMQ JMS Invocation Layer Exploit - HTTP (Request)
    2020/10/05 DDI RULE 4461 /vinfo/au/threat-encyclopedia/network/ddi-rule-4461
    DDI RULE 2212 Possible Brute force - RDP
    2020/10/05 DDI RULE 2212 /vinfo/au/threat-encyclopedia/network/ddi-rule-2212
    DDI RULE 2388 Unsuccessful logon - RDP
    2020/10/05 DDI RULE 2388 /vinfo/au/threat-encyclopedia/network/ddi-rule-2388
    DDI RULE 4142 SSL Connection
    2020/09/29 DDI RULE 4142 /vinfo/au/threat-encyclopedia/network/ddi-rule-4142
    DDI RULE 4143 Malicious SSL Client Connection
    2020/09/29 DDI RULE 4143 /vinfo/au/threat-encyclopedia/network/ddi-rule-4143
    DDI RULE 4144 Malicious SSL Server Connection
    2020/09/29 DDI RULE 4144 /vinfo/au/threat-encyclopedia/network/ddi-rule-4144
    DDI RULE 4145 Malicious SSL Connection
    2020/09/29 DDI RULE 4145 /vinfo/au/threat-encyclopedia/network/ddi-rule-4145
    DDI RULE 4146 Suspicious SSL Connection
    2020/09/29 DDI RULE 4146 /vinfo/au/threat-encyclopedia/network/ddi-rule-4146
    DDI RULE 4147 Suspicious SSL Client Connection
    2020/09/29 DDI RULE 4147 /vinfo/au/threat-encyclopedia/network/ddi-rule-4147
    DDI RULE 4148 Suspicious SSL Server Connection
    2020/09/29 DDI RULE 4148 /vinfo/au/threat-encyclopedia/network/ddi-rule-4148
    DDI RULE 2210 Metasploit (Payload) - Reverse TCP Patchup Meterpreter
    2020/09/28 DDI RULE 2210 /vinfo/au/threat-encyclopedia/network/ddi-rule-2210
    DDI RULE 2751 Remote Command Shell - TCP
    2020/09/24 DDI RULE 2751 /vinfo/au/threat-encyclopedia/network/ddi-rule-2751
    DDI RULE 2752 Remote PowerShell - TCP
    2020/09/24 DDI RULE 2752 /vinfo/au/threat-encyclopedia/network/ddi-rule-2752
    DDI RULE 2664 CreateService - SMB (Request)
    2020/09/21 DDI RULE 2664 /vinfo/au/threat-encyclopedia/network/ddi-rule-2664
    DDI RULE 4443 Logon successful - SSH
    2020/09/21 DDI RULE 4443 /vinfo/au/threat-encyclopedia/network/ddi-rule-4443
    DDI RULE 4444 Unsuccessful logon - SSH
    2020/09/21 DDI RULE 4444 /vinfo/au/threat-encyclopedia/network/ddi-rule-4444
    DDI RULE 4445 Possible Brute force - SSH
    2020/09/21 DDI RULE 4445 /vinfo/au/threat-encyclopedia/network/ddi-rule-4445
    DDI RULE 4450 SERVER PROTECT RCE EXPLOIT - HTTP (REQUEST)
    2020/09/17 DDI RULE 4450 /vinfo/au/threat-encyclopedia/network/ddi-rule-4450
    DDI RULE 4451 APT - MUDDYWATER - HTTP (Request)
    2020/09/17 DDI RULE 4451 /vinfo/au/threat-encyclopedia/network/ddi-rule-4451
    DDI RULE 4452 CVE-2020-0911 - EXPLOIT - ICMPv6 (REQUEST)
    2020/09/16 DDI RULE 4452 /vinfo/au/threat-encyclopedia/network/ddi-rule-4452
    DDI RULE 4429 Remote Service execution through SMB2 SVCCTL detected - Variant 2
    2020/09/15 DDI RULE 4429 /vinfo/au/threat-encyclopedia/network/ddi-rule-4429
    DDI RULE 4449 Remote Service execution through SMB2 SVCCTL detected - Variant 3
    2020/09/14 DDI RULE 4449 /vinfo/au/threat-encyclopedia/network/ddi-rule-4449
    DDI RULE 4448 WORDPRESS PLUGIN FILEMANAGER EXPLOIT - HTTP (REQUEST)
    2020/09/08 DDI RULE 4448 /vinfo/au/threat-encyclopedia/network/ddi-rule-4448
    DDI RULE 4442 APT - DROVORUB - WEBSOCKET (RESPONSE)
    2020/09/07 DDI RULE 4442 /vinfo/au/threat-encyclopedia/network/ddi-rule-4442
    DDI RULE 4446 Apache Struts Potential Remote Code Execution Exploit - HTTP (Request)
    2020/09/01 DDI RULE 4446 /vinfo/au/threat-encyclopedia/network/ddi-rule-4446
    DDI RULE 4437 CVE-2014-9295 - Buffer Overflow - NTP (Request)
    2020/08/24 DDI RULE 4437 /vinfo/au/threat-encyclopedia/network/ddi-rule-4437
    DDI RULE 4438 CVE-2015-7855 - Denial of Service via decodenetnum - NTP (Request)
    2020/08/24 DDI RULE 4438 /vinfo/au/threat-encyclopedia/network/ddi-rule-4438
    DDI RULE 4439 CVE-2016-7434 - Denial of Service via mrulist - NTP (Request)
    2020/08/24 DDI RULE 4439 /vinfo/au/threat-encyclopedia/network/ddi-rule-4439
    DDI RULE 4440 CVE-2016-9312 - Possible Denial of Service via large packets - NTP (Request)
    2020/08/24 DDI RULE 4440 /vinfo/au/threat-encyclopedia/network/ddi-rule-4440
    DDI RULE 4436 SQL Injection Remote Code Execution Sensor - HTTP (Request)
    2020/08/24 DDI RULE 4436 /vinfo/au/threat-encyclopedia/network/ddi-rule-4436
    DDI RULE 4441 QAKBOT - Malicious Certificate - SSL - Variant 2
    2020/08/20 DDI RULE 4441 /vinfo/au/threat-encyclopedia/network/ddi-rule-4441
    DDI RULE 4434 CVE-2020-9484 - Apache Tomcat Deserialization Remote Code Execution - HTTP (Request)
    2020/08/10 DDI RULE 4434 /vinfo/au/threat-encyclopedia/network/ddi-rule-4434
    DDI RULE 1599 Illegal Packet Size - Possible DOS Attack MODBUS Request
    2020/08/06 DDI RULE 1599 /vinfo/au/threat-encyclopedia/network/ddi-rule-1599
    DDI RULE 1598 Non-Modbus Communication Request
    2020/08/06 DDI RULE 1598 /vinfo/au/threat-encyclopedia/network/ddi-rule-1598
    DDI RULE 1600 Report Server ID MODBUS Request
    2020/08/06 DDI RULE 1600 /vinfo/au/threat-encyclopedia/network/ddi-rule-1600
    DDI RULE 1122 Office Document File Internal Transfer
    2020/08/05 DDI RULE 1122 /vinfo/au/threat-encyclopedia/network/ddi-rule-1122
    DDI RULE 1123 Office Document File Upload
    2020/08/05 DDI RULE 1123 /vinfo/au/threat-encyclopedia/network/ddi-rule-1123
    DDI RULE 1126 Executable file via FTP - class 1
    2020/08/05 DDI RULE 1126 /vinfo/au/threat-encyclopedia/network/ddi-rule-1126
    DDI RULE 1119 HTTP Request - Hostname is an IP address
    2020/08/05 DDI RULE 1119 /vinfo/au/threat-encyclopedia/network/ddi-rule-1119
    DDI RULE 2289 Unsuccessful logon - FTP
    2020/08/05 DDI RULE 2289 /vinfo/au/threat-encyclopedia/network/ddi-rule-2289
    DDI RULE 2290 Possible Brute force - FTP
    2020/08/05 DDI RULE 2290 /vinfo/au/threat-encyclopedia/network/ddi-rule-2290
    DDI RULE 4430 Unencrypted REMCOS - TCP (Request)
    2020/07/30 DDI RULE 4430 /vinfo/au/threat-encyclopedia/network/ddi-rule-4430
    DDI RULE 4432 NGIOWEB - HTTP (REQUEST)
    2020/07/30 DDI RULE 4432 /vinfo/au/threat-encyclopedia/network/ddi-rule-4432
    DDI RULE 4433 APT - SUNFOU - HTTP (REQUEST)
    2020/07/30 DDI RULE 4433 /vinfo/au/threat-encyclopedia/network/ddi-rule-4433
    DDI RULE 2793 APT - WINNTI - HTTP (Response)
    2020/07/30 DDI RULE 2793 /vinfo/au/threat-encyclopedia/network/ddi-rule-2793
    DDI RULE 2874 ZEROSHELL RCE EXPLOIT - HTTP (Request)
    2020/07/30 DDI RULE 2874 /vinfo/au/threat-encyclopedia/network/ddi-rule-2874
    DDI RULE 1764 Possible Superfish SSL certificate detected
    2020/07/29 DDI RULE 1764 /vinfo/au/threat-encyclopedia/network/ddi-rule-1764
    DDI RULE 2890 INFOSTEAL - HTTP (Request) - Variant 5
    2020/07/28 DDI RULE 2890 /vinfo/au/threat-encyclopedia/network/ddi-rule-2890
    DDI RULE 1052 IP Malicious - Class 1
    2020/07/27 DDI RULE 1052 /vinfo/au/threat-encyclopedia/network/ddi-rule-1052
    DDI RULE 4427 APT - WELLMAIL - Malicious Certificate - SSL (Response)
    2020/07/23 DDI RULE 4427 /vinfo/au/threat-encyclopedia/network/ddi-rule-4427
    DDI RULE 4428 APT - WELLMESS - Malicious Certificate - SSL (Response)
    2020/07/23 DDI RULE 4428 /vinfo/au/threat-encyclopedia/network/ddi-rule-4428
    DDI RULE 4425 CVE-2020-1350 - DNS OVER TCP EXPLOIT - DNS (Response)
    2020/07/22 DDI RULE 4425 /vinfo/au/threat-encyclopedia/network/ddi-rule-4425
    DDI RULE 4426 CVE-2020-1350 - DNS OVER TCP EXPLOIT - TCP (Request)
    2020/07/22DDI RULE 4426/vinfo/au/threat-encyclopedia/network/ddi-rule-4426
    DDI RULE 2000 Metasploit(Payload) - Reverse DLL Inject - TCP (Response)
    2020/07/22DDI RULE 2000/vinfo/au/threat-encyclopedia/network/ddi-rule-2000
    DDI RULE 2211 Unsuccessful logon using default Administrator account - RDP
    2020/07/20DDI RULE 2211/vinfo/au/threat-encyclopedia/network/ddi-rule-2211
    DDI RULE 2213 Possible Brute force using privileged user - RDP
    2020/07/20DDI RULE 2213/vinfo/au/threat-encyclopedia/network/ddi-rule-2213
    DDI RULE 2391 Busybox Checking - TELNET (Request)
    2020/07/13DDI RULE 2391/vinfo/au/threat-encyclopedia/network/ddi-rule-2391
    DDI RULE 4424 CVE-2020-5902 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2020/07/09DDI RULE 4424/vinfo/au/threat-encyclopedia/network/ddi-rule-4424
    DDI RULE 4322 possible Directory Traversal Exploit Attempted - URI Path - HTTP (Request) - Variant 2
    2020/07/09DDI RULE 4322/vinfo/au/threat-encyclopedia/network/ddi-rule-4322
    DDI RULE 4321 POWERTRICK - HTTP (REQUEST)
    2020/07/06DDI RULE 4321/vinfo/au/threat-encyclopedia/network/ddi-rule-4321
    DDI RULE 4207 CVE-2019-11354 - DOTPROJECT SQL Injection - HTTP (Request)
    2020/07/01DDI RULE 4207/vinfo/au/threat-encyclopedia/network/ddi-rule-4207
    DDI RULE 4230 APT - DATPER - HTTP (Request)
    2020/06/23DDI RULE 4230/vinfo/au/threat-encyclopedia/network/ddi-rule-4230
    DDI RULE 4309 APT - LODEINFO - HTTP (Request)
    2020/06/23DDI RULE 4309/vinfo/au/threat-encyclopedia/network/ddi-rule-4309
    DDI RULE 4311 APT - BOTLODR - HTTP (REQUEST)
    2020/06/23DDI RULE 4311/vinfo/au/threat-encyclopedia/network/ddi-rule-4311
    DDI RULE 4313 MALXMR - HTTP (REQUEST)
    2020/06/23DDI RULE 4313/vinfo/au/threat-encyclopedia/network/ddi-rule-4313
    DDI RULE 4305 APT - KSDOOR - HTTP (REQUEST)
    2020/06/23DDI RULE 4305/vinfo/au/threat-encyclopedia/network/ddi-rule-4305
    DDI RULE 2663 APT - EXFRAM - TCP (Request)
    2020/06/23DDI RULE 2663/vinfo/au/threat-encyclopedia/network/ddi-rule-2663
    DDI RULE 1704 APT - TALERET - HTTP (Request) - Variant 2
    2020/06/23DDI RULE 1704/vinfo/au/threat-encyclopedia/network/ddi-rule-1704
    DDI RULE 2019 APT - DALGAN - HTTP (Request)
    2020/06/23DDI RULE 2019/vinfo/au/threat-encyclopedia/network/ddi-rule-2019
    DDI RULE 1549 APT - WINNTI - HTTP (Request)
    2020/06/23DDI RULE 1549/vinfo/au/threat-encyclopedia/network/ddi-rule-1549
    DDI RULE 1046 APT - Connection attempt to an APT-related CNC server detected
    2020/06/23DDI RULE 1046/vinfo/au/threat-encyclopedia/network/ddi-rule-1046
    DDI RULE 1774 APT - Possible EMDIVI - HTTP (Request) - Variant 5
    2020/06/23DDI RULE 1774/vinfo/au/threat-encyclopedia/network/ddi-rule-1774
    DDI RULE 1139 DORKBOT IRC Request - Class 1
    2020/06/22DDI RULE 1139/vinfo/au/threat-encyclopedia/network/ddi-rule-1139
    DDI RULE 2585 Ratankba Downloader - HTTP (Response)
    2020/06/17DDI RULE 2585/vinfo/au/threat-encyclopedia/network/ddi-rule-2585
    DDI RULE 2653 PHOTOMINER - HTTP (Response)
    2020/06/17DDI RULE 2653/vinfo/au/threat-encyclopedia/network/ddi-rule-2653
    DDI RULE 2591 KRBANKER - HTTP (Response)
    2020/06/17DDI RULE 2591/vinfo/au/threat-encyclopedia/network/ddi-rule-2591
    DDI RULE 2620 Suspicious Executable File Download - HTTP (Response)
    2020/06/17DDI RULE 2620/vinfo/au/threat-encyclopedia/network/ddi-rule-2620
    DDI RULE 2608 EMOTET - HTTP (Response) - Variant 2
    2020/06/17DDI RULE 2608/vinfo/au/threat-encyclopedia/network/ddi-rule-2608
    DDI RULE 2609 HANCITOR - HTTP (Request) - Variant 3
    2020/06/17DDI RULE 2609/vinfo/au/threat-encyclopedia/network/ddi-rule-2609
    DDI RULE 2616 Suspicious CWS Flash - HTTP (Response)
    2020/06/17DDI RULE 2616/vinfo/au/threat-encyclopedia/network/ddi-rule-2616
    DDI RULE 2617 GANDCRAB - Ransomware - HTTP (Response)
    2020/06/17DDI RULE 2617/vinfo/au/threat-encyclopedia/network/ddi-rule-2617
    DDI RULE 2650 ANDROM - HTTP (Response)
    2020/06/17DDI RULE 2650/vinfo/au/threat-encyclopedia/network/ddi-rule-2650
    DDI RULE 2757 ELF File requested from root directory - HTTP (Response)
    2020/06/17DDI RULE 2757/vinfo/au/threat-encyclopedia/network/ddi-rule-2757
    DDI RULE 2767 Window Shell Remote Code Execution - HTTP (Response)
    2020/06/17DDI RULE 2767/vinfo/au/threat-encyclopedia/network/ddi-rule-2767
    DDI RULE 2731 KAIXIN - Exploit Kit - HTTP (Response) - Variant 5
    2020/06/17DDI RULE 2731/vinfo/au/threat-encyclopedia/network/ddi-rule-2731
    DDI RULE 4303 Executable file download from root directory - HTTP (Response)
    2020/06/17DDI RULE 4303/vinfo/au/threat-encyclopedia/network/ddi-rule-4303
    DDI RULE 4304 Executable file download - HTTP (Response)
    2020/06/17DDI RULE 4304/vinfo/au/threat-encyclopedia/network/ddi-rule-4304
    DDI RULE 4323 CVE-2019-19781 - CITRIX ADC DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2020/06/17DDI RULE 4323/vinfo/au/threat-encyclopedia/network/ddi-rule-4323
    DDI RULE 4355 CVE-2020-8794 - OPENSMTPD RCE EXPLOIT - SMTP (RESPONSE)
    2020/06/17DDI RULE 4355/vinfo/au/threat-encyclopedia/network/ddi-rule-4355
    DDI RULE 4181 TREVOR - HTTP (Response)
    2020/06/17DDI RULE 4181/vinfo/au/threat-encyclopedia/network/ddi-rule-4181
    DDI RULE 4398 CVE-2020-12109 - TPLINK RCE EXPLOIT - HTTP (REQUEST)
    2020/06/17DDI RULE 4398/vinfo/au/threat-encyclopedia/network/ddi-rule-4398
    DDI RULE 4423 ACIDBAT - TCP (Request)
    2020/06/17DDI RULE 4423/vinfo/au/threat-encyclopedia/network/ddi-rule-4423
    DDI RULE 4380 CVE-2020-5722 - GRANDSTREAM RCE EXPLOIT - HTTP (REQUEST)
    2020/06/17DDI RULE 4380/vinfo/au/threat-encyclopedia/network/ddi-rule-4380
    DDI RULE 2825 CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request)
    2020/06/17DDI RULE 2825/vinfo/au/threat-encyclopedia/network/ddi-rule-2825
    DDI RULE 2715 MINER CONFIG - HTTP (Response)
    2020/06/17DDI RULE 2715/vinfo/au/threat-encyclopedia/network/ddi-rule-2715
    DDI RULE 2481 DOWNLOADER - HTTP (Response)
    2020/06/17DDI RULE 2481/vinfo/au/threat-encyclopedia/network/ddi-rule-2481
    DDI RULE 2467 RETEFE - HTTP (Response)
    2020/06/17DDI RULE 2467/vinfo/au/threat-encyclopedia/network/ddi-rule-2467
    DDI RULE 2542 MINER - HTTP (Response)
    2020/06/17DDI RULE 2542/vinfo/au/threat-encyclopedia/network/ddi-rule-2542
    DDI RULE 2504 CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response)
    2020/06/17DDI RULE 2504/vinfo/au/threat-encyclopedia/network/ddi-rule-2504
    DDI RULE 2514 TERROR - Exploit Kit - HTTP (Response)
    2020/06/17DDI RULE 2514/vinfo/au/threat-encyclopedia/network/ddi-rule-2514
    DDI RULE 2443 SPORA - Ransomware - HTTP (Response)
    2020/06/17DDI RULE 2443/vinfo/au/threat-encyclopedia/network/ddi-rule-2443
    DDI RULE 2517 CVE-2017-14493 - DNSMASQ Buffer Overflow Exploit - DHCP (Request)
    2020/06/16DDI RULE 2517/vinfo/au/threat-encyclopedia/network/ddi-rule-2517
    DDI RULE 2518 CVE-2017-14496 - DNSMASQ Integer Underflow Exploit - DNS (Request)
    2020/06/16DDI RULE 2518/vinfo/au/threat-encyclopedia/network/ddi-rule-2518
    DDI RULE 2588 CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request)
    2020/06/16DDI RULE 2588/vinfo/au/threat-encyclopedia/network/ddi-rule-2588
    DDI RULE 2253 CVE-2016-2776 DNS ISC BIND TSIG EXPLOIT - DNS (Request)
    2020/06/16DDI RULE 2253/vinfo/au/threat-encyclopedia/network/ddi-rule-2253
    DDI RULE 4401 CVE-2020-13118 - MIKROTIK SQL INJECT - HTTP (REQUEST)
    2020/06/16DDI RULE 4401/vinfo/au/threat-encyclopedia/network/ddi-rule-4401
    DDI RULE 4383 CVE-2020-7961 - LIFERAY PORTAL RCE EXPLOIT - HTTP (Request)
    2020/06/16DDI RULE 4383/vinfo/au/threat-encyclopedia/network/ddi-rule-4383
    DDI RULE 4391 COBEACON - DNS (Response)
    2020/06/16DDI RULE 4391/vinfo/au/threat-encyclopedia/network/ddi-rule-4391
    DDI RULE 4325 CVE-2019-10758 - MONGODB RCE EXPLOIT - HTTP (REQUEST)
    2020/06/16DDI RULE 4325/vinfo/au/threat-encyclopedia/network/ddi-rule-4325
    DDI RULE 4267 CVE-2019-11043 - PHP RCE EXPLOIT - HTTP (REQUEST)
    2020/06/16DDI RULE 4267/vinfo/au/threat-encyclopedia/network/ddi-rule-4267
    DDI RULE 4277 CVE-2019-5127 - YOUPHPTUBE COMMAND INJECTION - HTTP (REQUEST)
    2020/06/16DDI RULE 4277/vinfo/au/threat-encyclopedia/network/ddi-rule-4277
    DDI RULE 4324 CVE-2019-20197 - NAGIOSXI Remote Code Execution Exploit - HTTP (Request)
    2020/06/16DDI RULE 4324/vinfo/au/threat-encyclopedia/network/ddi-rule-4324
    DDI RULE 4248 CVE-2019-2618 - WEBLOGIC FILE UPLOAD EXPLOIT - HTTP (REQUEST)
    2020/06/16DDI RULE 4248/vinfo/au/threat-encyclopedia/network/ddi-rule-4248
    DDI RULE 4113 CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request)
    2020/06/16DDI RULE 4113/vinfo/au/threat-encyclopedia/network/ddi-rule-4113
    DDI RULE 4111 CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request)
    2020/06/16DDI RULE 4111/vinfo/au/threat-encyclopedia/network/ddi-rule-4111
    DDI RULE 4114 CVE-2012-4869 PBX RCE Exploit - HTTP (Request)
    2020/06/16DDI RULE 4114/vinfo/au/threat-encyclopedia/network/ddi-rule-4114
    DDI RULE 4217 CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request)
    2020/06/16DDI RULE 4217/vinfo/au/threat-encyclopedia/network/ddi-rule-4217
    DDI RULE 4242 CVE-2018-18778 - ACME File Discovery Exploit - HTTP (RESPONSE)
    2020/06/16DDI RULE 4242/vinfo/au/threat-encyclopedia/network/ddi-rule-4242
    DDI RULE 4204 CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request)
    2020/06/16DDI RULE 4204/vinfo/au/threat-encyclopedia/network/ddi-rule-4204
    DDI RULE 1531 Possible SSL CVE-2014-0224 CCS Injection - Class 1
    2020/06/16DDI RULE 1531/vinfo/au/threat-encyclopedia/network/ddi-rule-1531
    DDI RULE 2939 CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request)
    2020/06/16DDI RULE 2939/vinfo/au/threat-encyclopedia/network/ddi-rule-2939
    DDI RULE 4218 CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request)
    2020/06/15DDI RULE 4218/vinfo/au/threat-encyclopedia/network/ddi-rule-4218
    DDI RULE 4188 CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request)
    2020/06/15DDI RULE 4188/vinfo/au/threat-encyclopedia/network/ddi-rule-4188
    DDI RULE 4112 CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request)
    2020/06/15DDI RULE 4112/vinfo/au/threat-encyclopedia/network/ddi-rule-4112
    DDI RULE 2723 MAGNITUDE - Exploit Kit - HTTP (Response)
    2020/06/15DDI RULE 2723/vinfo/au/threat-encyclopedia/network/ddi-rule-2723
    DDI RULE 2701 Possible EMOTET - HTTP (Response) - Variant 3
    2020/06/15DDI RULE 2701/vinfo/au/threat-encyclopedia/network/ddi-rule-2701
    DDI RULE 2750 CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)
    2020/06/15DDI RULE 2750/vinfo/au/threat-encyclopedia/network/ddi-rule-2750
    DDI RULE 4333 CVE-2019-18396 - TECHNICOLOR RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4333/vinfo/au/threat-encyclopedia/network/ddi-rule-4333
    DDI RULE 4339 CVE-2018-7777 - SCHNEIDER RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4339/vinfo/au/threat-encyclopedia/network/ddi-rule-4339
    DDI RULE 4278 CVE-2019-5121 - YOUPHPTUBE SQL INJECTION - HTTP (REQUEST)
    2020/06/15DDI RULE 4278/vinfo/au/threat-encyclopedia/network/ddi-rule-4278
    DDI RULE 4274 CVE-2007-5693 - Sitebar Remote Code Execution EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4274/vinfo/au/threat-encyclopedia/network/ddi-rule-4274
    DDI RULE 4273 CVE-2019-16278 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4273/vinfo/au/threat-encyclopedia/network/ddi-rule-4273
    DDI RULE 4251 CVE-2019-16920 - DLINK RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4251/vinfo/au/threat-encyclopedia/network/ddi-rule-4251
    DDI RULE 4421 CVE-2020-1301 - RCE DDOS EXPLOIT - SMB (Request)
    2020/06/15DDI RULE 4421/vinfo/au/threat-encyclopedia/network/ddi-rule-4421
    DDI RULE 4422 Possible CVE-2020-1206 - BLEED EXPLOIT - (Request)
    2020/06/15DDI RULE 4422/vinfo/au/threat-encyclopedia/network/ddi-rule-4422
    DDI RULE 4372 CVE-2020-8949 - GOCLOUD RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4372/vinfo/au/threat-encyclopedia/network/ddi-rule-4372
    DDI RULE 4373 CVE-2020-9026 - ELTEX RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4373/vinfo/au/threat-encyclopedia/network/ddi-rule-4373
    DDI RULE 4379 CVE-2019-20499 - DLINK DWL RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4379/vinfo/au/threat-encyclopedia/network/ddi-rule-4379
    DDI RULE 4400 CVE-2019-7193 - QNAP RCE EXPLOIT - HTTP (REQUEST)
    2020/06/15DDI RULE 4400/vinfo/au/threat-encyclopedia/network/ddi-rule-4400
    DDI RULE 1010 PE_XPAJ TCP Connection - Class 1
    2020/06/15DDI RULE 1010/vinfo/au/threat-encyclopedia/network/ddi-rule-1010
    DDI RULE 2589 LOKI - HTTP (Response)
    2020/06/15DDI RULE 2589/vinfo/au/threat-encyclopedia/network/ddi-rule-2589
    DDI RULE 2377 CVE-2017-9073 - Remote Code Execution - RDP
    2020/06/15DDI RULE 2377/vinfo/au/threat-encyclopedia/network/ddi-rule-2377
    DDI RULE 2448 REGEORG - HTTP (Response)
    2020/06/15DDI RULE 2448/vinfo/au/threat-encyclopedia/network/ddi-rule-2448
    DDI RULE 4259 MDMP File Upload
    2020/06/12DDI RULE 4259/vinfo/au/threat-encyclopedia/network/ddi-rule-4259
    DDI RULE 4260 Log Files Upload
    2020/06/12DDI RULE 4260/vinfo/au/threat-encyclopedia/network/ddi-rule-4260
    DDI RULE 4403 SSH on Non-Standard Port - Request
    2020/06/11DDI RULE 4403/vinfo/au/threat-encyclopedia/network/ddi-rule-4403
    DDI RULE 4415 JSPSPY Webshell - HTTP (Request) - Variant 2
    2020/06/08DDI RULE 4415/vinfo/au/threat-encyclopedia/network/ddi-rule-4415
    DDI RULE 4419 Zyxel - Remote Code Execution - HTTP (Request) - Variant 2
    2020/06/08DDI RULE 4419/vinfo/au/threat-encyclopedia/network/ddi-rule-4419
    DDI RULE 4420 SHELLRESET - DATA EXFILTRATION - HTTP (Request)
    2020/06/08DDI RULE 4420/vinfo/au/threat-encyclopedia/network/ddi-rule-4420
    DDI RULE 2639 CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)
    2020/06/08DDI RULE 2639/vinfo/au/threat-encyclopedia/network/ddi-rule-2639
    DDI RULE 4418 Possible CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) - Variant 2
    2020/06/05DDI RULE 4418/vinfo/au/threat-encyclopedia/network/ddi-rule-4418
    DDI RULE 4416 CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST)
    2020/06/04DDI RULE 4416/vinfo/au/threat-encyclopedia/network/ddi-rule-4416
    DDI RULE 4417 CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) - Variant 2
    2020/06/04DDI RULE 4417/vinfo/au/threat-encyclopedia/network/ddi-rule-4417
    DDI RULE 4414 ThinkPHP 5x Remote Code Execution - HTTP (Request) - Variant 2
    2020/06/03DDI RULE 4414/vinfo/au/threat-encyclopedia/network/ddi-rule-4414
    DDI RULE 4402 CVE-2020-11652 - Saltstack Directory Traversal - TCP (Request)
    2020/06/03DDI RULE 4402/vinfo/au/threat-encyclopedia/network/ddi-rule-4402
    DDI RULE 4399 CVE-2020-11651 - Saltstack Remote Code Execution Exploit - TCP (Request)
    2020/06/03DDI RULE 4399/vinfo/au/threat-encyclopedia/network/ddi-rule-4399
    DDI RULE 2500 Executable Image Download - HTTP (Response)
    2020/06/03DDI RULE 2500/vinfo/au/threat-encyclopedia/network/ddi-rule-2500
    DDI RULE 4413 Possible Directory Traversal Exploit Attempted SENSOR - HEADERS - HTTP (Request)
    2020/06/02DDI RULE 4413/vinfo/au/threat-encyclopedia/network/ddi-rule-4413
    DDI RULE 4412 CVE-2020-8617 - NXNSATTACK - DNS (REQUEST)
    2020/06/01DDI RULE 4412/vinfo/au/threat-encyclopedia/network/ddi-rule-4412
    DDI RULE 4397 ACTIVE DIRECTORY GPO DEPLOY COMMAND - SMB2 (Response)
    2020/05/28DDI RULE 4397/vinfo/au/threat-encyclopedia/network/ddi-rule-4397
    DDI RULE 2837 CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)
    2020/05/26DDI RULE 2837/vinfo/au/threat-encyclopedia/network/ddi-rule-2837
    DDI RULE 4235 Remote CreateService - SMB2 (Request)
    2020/05/14DDI RULE 4235/vinfo/au/threat-encyclopedia/network/ddi-rule-4235
    DDI RULE 4236 Meterpreter Powershell - SMB2 (Request)
    2020/05/14DDI RULE 4236/vinfo/au/threat-encyclopedia/network/ddi-rule-4236
    DDI RULE 2654 Powershell - SMB
    2020/05/14DDI RULE 2654/vinfo/au/threat-encyclopedia/network/ddi-rule-2654
    DDI RULE 4389 APT - GRIFFON - HTTP (Request)
    2020/05/13DDI RULE 4389/vinfo/au/threat-encyclopedia/network/ddi-rule-4389
    DDI RULE 4395 HADGLIDER - HTTP (REQUEST)
    2020/05/13DDI RULE 4395/vinfo/au/threat-encyclopedia/network/ddi-rule-4395
    DDI RULE 4390 CobaltStrike - HTTPS (Request)
    2020/05/12DDI RULE 4390/vinfo/au/threat-encyclopedia/network/ddi-rule-4390
    DDI RULE 4392 CVE-2020-12078 - OPENAUDIT RCE EXPLOIT - HTTP (Request)
    2020/05/11DDI RULE 4392/vinfo/au/threat-encyclopedia/network/ddi-rule-4392
    DDI RULE 4393 CVE-2020-10808 - IFS UNIX EXPLOIT - FTP (Request)
    2020/05/11DDI RULE 4393/vinfo/au/threat-encyclopedia/network/ddi-rule-4393
    DDI RULE 4394 CVE-2020-2883 - WEBLOGIC T3 EXPLOIT - TCP (REQUEST)
    2020/05/11DDI RULE 4394/vinfo/au/threat-encyclopedia/network/ddi-rule-4394
    DDI RULE 1641 CVE-2014-6277 - SHELLSHOCK HTTP Exploit
    2020/05/11DDI RULE 1641/vinfo/au/threat-encyclopedia/network/ddi-rule-1641
    DDI RULE 4387 Possible SoftEther VPN Client - HTTPS (REQUEST)
    2020/05/06DDI RULE 4387/vinfo/au/threat-encyclopedia/network/ddi-rule-4387
    DDI RULE 4386 CVE-2020-3952 - VSPHERE EXPLOIT - LDAP (Request)
    2020/05/05DDI RULE 4386/vinfo/au/threat-encyclopedia/network/ddi-rule-4386
    DDI RULE 4385 Invalid Credentials - LDAP (Response)
    2020/05/04DDI RULE 4385/vinfo/au/threat-encyclopedia/network/ddi-rule-4385
    DDI RULE 4384 UNIX IFS SHELL RCE - HTTP (Request)
    2020/04/29DDI RULE 4384/vinfo/au/threat-encyclopedia/network/ddi-rule-4384
    DDI RULE 1502 Possible Malformed Heartbeat SSL Response - Class 1
    2020/04/29DDI RULE 1502/vinfo/au/threat-encyclopedia/network/ddi-rule-1502
    DDI RULE 1503 Possible Malformed Heartbeat SSL Response - Class 2
    2020/04/29DDI RULE 1503/vinfo/au/threat-encyclopedia/network/ddi-rule-1503
    DDI RULE 2005 Possible EDELLROOT certificate detected
    2020/04/28DDI RULE 2005/vinfo/au/threat-encyclopedia/network/ddi-rule-2005
    DDI RULE 2412 TRICKBOT - Malicious certificate - SSL
    2020/04/28DDI RULE 2412/vinfo/au/threat-encyclopedia/network/ddi-rule-2412
    DDI RULE 2363 QAKBOT - Malicious certificate - SSL
    2020/04/28DDI RULE 2363/vinfo/au/threat-encyclopedia/network/ddi-rule-2363

    Copyright ©2023 Trend Micro Incorporated. All rights reserved