| DDI RULE 4152 | COBALTSTRIKE - HTTP (Response) | HIGH | | 2021/09/14 | DDI RULE 4152 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4152 |
| DDI RULE 4626 | DONOFF - DNS(RESPONSE) | HIGH | | 2021/09/14 | DDI RULE 4626 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4626 |
| DDI RULE 4624 | CVE-2021-31207 - EXCHANGE EXPLOIT - HTTP(RESPONSE) | HIGH | | 2021/09/08 | DDI RULE 4624 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4624 |
| DDI RULE 4623 | CVE-2021-26084 - CONFLUENCE OGNL RCE EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/09/07 | DDI RULE 4623 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4623 |
| DDI RULE 4621 | CVE-2021-37161 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request) | MEDIUM | | 2021/09/06 | DDI RULE 4621 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4621 |
| DDI RULE 4622 | CVE-2021-37164 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request) | MEDIUM | | 2021/09/06 | DDI RULE 4622 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4622 |
| DDI RULE 1200 | Possible SYN Flood Detected | LOW | | 2021/09/06 | DDI RULE 1200 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1200 |
| DDI RULE 2184 | Possible Successful Logon Connection - RDP (Request) | LOW | | 2021/09/06 | DDI RULE 2184 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2184 |
| DDI RULE 4558 | REDLINE - HTTP (REQUEST) | HIGH | | 2021/09/02 | DDI RULE 4558 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4558 |
| DDI RULE 4620 | CVE-2021-22123 - FORTINET RCE - HTTP(EXPLOIT) | HIGH | | 2021/08/31 | DDI RULE 4620 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4620 |
| DDI RULE 4342 | CVE-2020-7247 - OPENSMTPD RCE EXPLOIT - SMTP (REQUEST) | HIGH | | 2021/08/26 | DDI RULE 4342 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4342 |
| DDI RULE 4618 | ICEID - HTTP(REQUEST) | HIGH | | 2021/08/25 | DDI RULE 4618 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4618 |
| DDI RULE 4619 | NEGASTEAL - FTP(REQUEST) | HIGH | | 2021/08/23 | DDI RULE 4619 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4619 |
| DDI RULE 4617 | SIP POSSIBLE BRUTEFORCE - UDP(RESPONSE) | MEDIUM | | 2021/08/23 | DDI RULE 4617 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4617 |
| DDI RULE 4576 | CVE-2021-31166 - HTTP Protocol RCE Exploit - HTTP (REQUEST) | HIGH | | 2021/08/23 | DDI RULE 4576 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4576 |
| DDI RULE 4616 | POSSIBLE ZEPPELIN - HTTP(REQUEST) | HIGH | | 2021/08/19 | DDI RULE 4616 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4616 |
| DDI RULE 4615 | ZEPPELIN - HTTP(REQUEST) | HIGH | | 2021/08/18 | DDI RULE 4615 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4615 |
| DDI RULE 4612 | MGCP POSSIBLE EXFIL - UDP(REQUEST) | MEDIUM | | 2021/08/18 | DDI RULE 4612 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4612 |
| DDI RULE 4614 | SNMP POSSIBLE BRUTEFORCE - UDP(REQUEST) | LOW | | 2021/08/17 | DDI RULE 4614 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4614 |
| DDI RULE 4613 | CVE-2021-31195 - EXCHANGE XSS - HTTP(EXPLOIT) | HIGH | | 2021/08/16 | DDI RULE 4613 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4613 |
| DDI RULE 4593 | CVE-2021-34473 - EXCHANGE SSRF EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/08/12 | DDI RULE 4593 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4593 |
| DDI RULE 4611 | CVE-2021-26432 - NFS BUFFEROVERLOW EXPLOIT - UDP(REQUEST) | HIGH | | 2021/08/11 | DDI RULE 4611 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4611 |
| DDI RULE 4589 | Possible CVE-2021-34527 - Windows Print Spooler RCE - DCE (Request) | LOW | | 2021/08/10 | DDI RULE 4589 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4589 |
| DDI RULE 4604 | Possible PETITPOTAM EFS NTLM RELAY ATTACK - SMB2(REQUEST) | HIGH | | 2021/08/09 | DDI RULE 4604 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4604 |
| DDI RULE 4609 | PAYLOADBIN - HTTP (REQUEST) - Variant 1 | HIGH | | 2021/08/05 | DDI RULE 4609 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4609 |
| DDI RULE 4602 | NBT-NS Query Response | MEDIUM | | 2021/08/05 | DDI RULE 4602 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4602 |
| DDI RULE 4605 | PAYLOADBIN - HTTP(REQUEST) | HIGH | | 2021/08/03 | DDI RULE 4605 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4605 |
| DDI RULE 4601 | LLMNR Query Response | MEDIUM | | 2021/07/29 | DDI RULE 4601 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4601 |
| DDI RULE 4603 | ApexOne File Upload Exploit- HTTP(REQUEST) | HIGH | | 2021/07/27 | DDI RULE 4603 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4603 |
| DDI RULE 4594 | COBALTSTRIKE - HTTP(REQUEST) - Variant 3 | HIGH | | 2021/07/27 | DDI RULE 4594 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4594 |
| DDI RULE 4597 | HACKADEMY - HTTP(RESPONSE) | HIGH | | 2021/07/21 | DDI RULE 4597 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4597 |
| DDI RULE 4598 | CVE-2021-3129 - LARAVEL RCE EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/07/21 | DDI RULE 4598 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4598 |
| DDI RULE 4599 | KASEYA AUTHBYPASS EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/07/21 | DDI RULE 4599 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4599 |
| DDI RULE 4596 | LOADSELL - HTTP(REQUEST) | HIGH | | 2021/07/20 | DDI RULE 4596 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4596 |
| DDI RULE 4595 | NJRAT - TCP (REQUEST) - Variant 2 | HIGH | | 2021/07/19 | DDI RULE 4595 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4595 |
| DDI RULE 4531 | RPC SECRETSDUMP DCSYNC - DCE (REQUEST) | MEDIUM | | 2021/07/19 | DDI RULE 4531 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4531 |
| DDI RULE 4581 | STOP - HTTP (REQUEST) | HIGH | | 2021/07/15 | DDI RULE 4581 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4581 |
| DDI RULE 4592 | REDLINE - HTTP(RESPONSE) | HIGH | | 2021/07/14 | DDI RULE 4592 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4592 |
| DDI RULE 4591 | REVIL - HTTP(REQUEST) | HIGH | | 2021/07/12 | DDI RULE 4591 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4591 |
| DDI RULE 4588 | Possible CVE-2021-34527 - Windows Print Spooler RCE - SMB (Request) | LOW | | 2021/07/12 | DDI RULE 4588 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4588 |
| DDI RULE 1109 | TDSS - HTTP (Request) | HIGH | | 2021/07/01 | DDI RULE 1109 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1109 |
| DDI RULE 4483 | Remote Access Tool - VNC (Request) | HIGH | | 2021/06/23 | DDI RULE 4483 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4483 |
| DDI RULE 4587 | REVENGERAT - TCP(REQUEST) | HIGH | | 2021/06/21 | DDI RULE 4587 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4587 |
| DDI RULE 2007 | URSNIF - HTTP (Request) - Variant 3 | HIGH | | 2021/06/17 | DDI RULE 2007 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2007 |
| DDI RULE 4586 | Remote Tools Certificate - SSL | MEDIUM | | 2021/06/15 | DDI RULE 4586 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4586 |
| DDI RULE 4583 | CVE-2021-21985 - VMWARE VSAN PLUGIN RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/06/07 | DDI RULE 4583 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4583 |
| DDI RULE 4584 | Malicious Certificate SHA1 Hash - SSL | HIGH | | 2021/06/03 | DDI RULE 4584 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4584 |
| DDI RULE 4585 | CVE-2017-12617 - APACHE TOMCAT PUT METHOD RCE - HTTP (REQUEST) | MEDIUM | | 2021/06/03 | DDI RULE 4585 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4585 |
| DDI RULE 4582 | LEMON DUCK - HTTP (REQUEST) | HIGH | | 2021/06/03 | DDI RULE 4582 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4582 |
| DDI RULE 4571 | Possible Suspicious Named Pipe - SMB2 (REQUEST) | MEDIUM | | 2021/05/28 | DDI RULE 4571 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4571 |
| DDI RULE 4580 | PROMETEI - HTTP (REQUEST) | HIGH | | 2021/05/27 | DDI RULE 4580 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4580 |
| DDI RULE 4579 | DENES - DNS (RESPONSE) | HIGH | | 2021/05/26 | DDI RULE 4579 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4579 |
| DDI RULE 4572 | GLUPTEBA - HTTP (REQUEST) | HIGH | | 2021/05/25 | DDI RULE 4572 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4572 |
| DDI RULE 4577 | MAGNIBER EK for Internet Explorer - HTTP (RESPONSE) | HIGH | | 2021/05/24 | DDI RULE 4577 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4577 |
| DDI RULE 4578 | CVE-2021-28482 - MS EXCHANGE DESERIALIZATION RCE EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2021/05/20 | DDI RULE 4578 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4578 |
| DDI RULE 4575 | DENES - HTTP (REQUEST) | HIGH | | 2021/05/20 | DDI RULE 4575 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4575 |
| DDI RULE 1541 | EMOTET - HTTP (Request) | HIGH | | 2021/05/18 | DDI RULE 1541 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1541 |
| DDI RULE 1618 | CVE-2014-6271 - Shellshock HTTP Request | HIGH | | 2021/05/12 | DDI RULE 1618 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1618 |
| DDI RULE 1642 | CVE-2014-6278 - SHELLSHOCK HTTP Exploit | HIGH | | 2021/05/12 | DDI RULE 1642 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1642 |
| DDI RULE 2348 | CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) | HIGH | | 2021/05/12 | DDI RULE 2348 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2348 |
| DDI RULE 4573 | CVE-2021-31181 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/05/12 | DDI RULE 4573 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4573 |
| DDI RULE 4569 | CVE-2021-27065 - MS EXCHANGE FILE WRITE RCE EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2021/05/11 | DDI RULE 4569 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4569 |
| DDI RULE 4570 | COBALTSTRIKE - DNS (Response) - Variant 2 | HIGH | | 2021/05/11 | DDI RULE 4570 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4570 |
| DDI RULE 2034 | RANSOM CRYPTESLA - HTTP (Request) - Variant 5 | HIGH | | 2021/05/11 | DDI RULE 2034 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2034 |
| DDI RULE 2117 | DEMOCRY - Ransomware - HTTP (Request) | HIGH | | 2021/05/11 | DDI RULE 2117 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2117 |
| DDI RULE 4567 | BOXTER - HTTP (RESPONSE) | HIGH | | 2021/05/06 | DDI RULE 4567 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4567 |
| DDI RULE 4568 | BOXTER - HTTP (REQUEST) | HIGH | | 2021/05/06 | DDI RULE 4568 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4568 |
| DDI RULE 4565 | CVE-2021-24085 - EXCHANGE CSRF EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/05/06 | DDI RULE 4565 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4565 |
| DDI RULE 2786 | ThinkPHP 5x Remote Code Execution - HTTP (Request) | HIGH | | 2021/05/04 | DDI RULE 2786 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2786 |
| DDI RULE 4566 | CVE-2020-17047 - Network File System RPC DOS EXPLOIT - TCP (REQUEST) | HIGH | | 2021/05/03 | DDI RULE 4566 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4566 |
| DDI RULE 4564 | CVE-2020-8243 - PULSE RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/04/29 | DDI RULE 4564 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4564 |
| DDI RULE 4560 | CVE-2021-20023 - SONICWALL DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/04/28 | DDI RULE 4560 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4560 |
| DDI RULE 4562 | CVE-2019-9670 - ZIMBRA SUITE XXE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/04/28 | DDI RULE 4562 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4562 |
| DDI RULE 4563 | CVE-2020-8260 - PULSE RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/04/26 | DDI RULE 4563 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4563 |
| DDI RULE 4561 | CVE-2020-4006 - VMWARE CONFIGURATOR COMMAND INJECTION - HTTP (REQUEST) | HIGH | | 2021/04/26 | DDI RULE 4561 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4561 |
| DDI RULE 4559 | CVE-2019-11510 - PULSE INFORMATION DISCLOSURE - HTTP (REQUEST) | HIGH | | 2021/04/26 | DDI RULE 4559 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4559 |
| DDI RULE 4551 | CVE-2021-21975 - VREALIZE API SSRF EXPLOIT - HTTP (REQUEST) | LOW | | 2021/04/21 | DDI RULE 4551 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4551 |
| DDI RULE 4557 | PANDASTEALER - HTTP (REQUEST) | HIGH | | 2021/04/21 | DDI RULE 4557 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4557 |
| DDI RULE 4550 | POSSIBLE PASSWORD SPRAY - LDAP (RESPONSE) | MEDIUM | | 2021/04/19 | DDI RULE 4550 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4550 |
| DDI RULE 4555 | CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST) | HIGH | | 2021/04/19 | DDI RULE 4555 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4555 |
| DDI RULE 4556 | Possible CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST) | LOW | | 2021/04/19 | DDI RULE 4556 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4556 |
| DDI RULE 4553 | CVE-2018-13379 - FORTIOS DIRECTORY TRAVERSAL - HTTP (REQUEST) | HIGH | | 2021/04/15 | DDI RULE 4553 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4553 |
| DDI RULE 4554 | RCLONE - HTTP (REQUEST) | HIGH | | 2021/04/15 | DDI RULE 4554 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4554 |
| DDI RULE 1561 | APT - PLUGX Malformed request - DNS | HIGH | | 2021/04/15 | DDI RULE 1561 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1561 |
| DDI RULE 4552 | CVE-2021-21983 - VREALIZE API FILE RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/04/13 | DDI RULE 4552 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4552 |
| DDI RULE 4548 | GET2 LOADER - HTTP (Request) | HIGH | | 2021/04/07 | DDI RULE 4548 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4548 |
| DDI RULE 4549 | CHOPPER - HTTP (Response) | MEDIUM | | 2021/04/07 | DDI RULE 4549 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4549 |
| DDI RULE 4532 | CVE-2021-26855 - Exchange Server Side Request Forgery Exploit - HTTP (REQUEST) - Variant 2 | HIGH | | 2021/04/06 | DDI RULE 4532 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4532 |
| DDI RULE 4547 | SDBOT - TCP (REQUEST) | HIGH | | 2021/04/05 | DDI RULE 4547 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4547 |
| DDI RULE 4543 | CVE-2021-25274 - Solarwinds Orion Remote Code Execution Exploit - TCP (REQUEST) | HIGH | | 2021/03/25 | DDI RULE 4543 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4543 |
| DDI RULE 4544 | CVE-2021-27561 - YEALINK RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/25 | DDI RULE 4544 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4544 |
| DDI RULE 4545 | CVE-2021-22502 - MICROFOCUS RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/25 | DDI RULE 4545 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4545 |
| DDI RULE 4546 | QUASAR - TCP (RESPONSE) | HIGH | | 2021/03/25 | DDI RULE 4546 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4546 |
| DDI RULE 4539 | CVE-2020-17530 - APACHE STRUTS OGNL RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/24 | DDI RULE 4539 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4539 |
| DDI RULE 4540 | CVE-2021-22991 - F5 BIG-IP TSM BUFFER OVERFLOW EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/03/24 | DDI RULE 4540 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4540 |
| DDI RULE 4541 | CVE-2021-22992 - F5 BIG-IP ASM BUFFER OVERFLOW EXPLOIT - HTTP(RESPONSE) | HIGH | | 2021/03/24 | DDI RULE 4541 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4541 |
| DDI RULE 4542 | CVE-2021-22986 - F5 BIG-IP iCONTROL RCE EXPLOIT - HTTP(REQUEST) | HIGH | | 2021/03/24 | DDI RULE 4542 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4542 |
| DDI RULE 4456 | File Upload through SMB or SMB2 | LOW | | 2021/03/24 | DDI RULE 4456 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4456 |
| DDI RULE 4457 | File Download through SMB or SMB2 | LOW | | 2021/03/24 | DDI RULE 4457 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4457 |
| DDI RULE 4538 | CVE-2020-17518 - APACHE FLINK DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/23 | DDI RULE 4538 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4538 |
| DDI RULE 4516 | MESTRE - IRC (REQUEST) | HIGH | | 2021/03/23 | DDI RULE 4516 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4516 |
| DDI RULE 2598 | PsExec PETYA - Ransomware - SMB2 | HIGH | | 2021/03/23 | DDI RULE 2598 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2598 |
| DDI RULE 2021 | NUCLEAR - Exploit kit - HTTP (Request) - Variant 3 | MEDIUM | | 2021/03/22 | DDI RULE 2021 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2021 |
| DDI RULE 4504 | LOKIBOT - HTTP (REQUEST) | HIGH | | 2021/03/18 | DDI RULE 4504 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4504 |
| DDI RULE 4536 | APT - MANGZAMEL - TCP (Request) | HIGH | | 2021/03/17 | DDI RULE 4536 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4536 |
| DDI RULE 4239 | CVE-2019-16759 - VBulletin Remote Command Execution - HTTP (Request) | HIGH | | 2021/03/17 | DDI RULE 4239 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4239 |
| DDI RULE 4537 | CVE-2020-5847 - UNRAID RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/16 | DDI RULE 4537 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4537 |
| DDI RULE 4530 | DCERPC WMIEXECPY - (REQUEST) | HIGH | | 2021/03/16 | DDI RULE 4530 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4530 |
| DDI RULE 4525 | CVE-2021-21972 - VSPHERE RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/03/16 | DDI RULE 4525 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4525 |
| DDI RULE 4529 | APT - REMOTE EXECUTION ZABBIX - TCP (REQUEST) | HIGH | | 2021/03/16 | DDI RULE 4529 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4529 |
| DDI RULE 4533 | CVE-2021-26877 - RCE EXPLOIT - DNS (REQUEST) | HIGH | | 2021/03/15 | DDI RULE 4533 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4533 |
| DDI RULE 4534 | CVE-2021-26897 - OVER TCP RCE EXPLOIT - DNS (REQUEST) | HIGH | | 2021/03/15 | DDI RULE 4534 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4534 |
| DDI RULE 4535 | CVE-2021-27076 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST) | HIGH | | 2021/03/15 | DDI RULE 4535 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4535 |
| DDI RULE 2057 | CRYDAP - Ransomware - HTTP (Request) | HIGH | | 2021/03/11 | DDI RULE 2057 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2057 |
| DDI RULE 2452 | Wget Commandline Injection | MEDIUM | | 2021/03/10 | DDI RULE 2452 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2452 |
| DDI RULE 4528 | Possible Wget Commandline Injection | MEDIUM | | 2021/03/10 | DDI RULE 4528 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4528 |
| DDI RULE 4526 | DEWMODE - HTTP (REQUEST) | HIGH | | 2021/03/10 | DDI RULE 4526 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4526 |
| DDI RULE 4527 | CVE-2021-26855 - Exchange Server Side Request Forgery Exploit SB - HTTP (REQUEST) | HIGH | | 2021/03/09 | DDI RULE 4527 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4527 |
| DDI RULE 4523 | Fobushell - HTTP (Request) | HIGH | | 2021/03/03 | DDI RULE 4523 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4523 |
| DDI RULE 4524 | Possible Renamed PSEXEC Service - SMB2 (Request) | MEDIUM | | 2021/03/03 | DDI RULE 4524 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4524 |
| DDI RULE 4522 | CVE-2021-24072 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2021/02/15 | DDI RULE 4522 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4522 |
| DDI RULE 4520 | CVE-2021-24078 - Remote Comand Execution Exploit - DNS (RESPONSE) | HIGH | | 2021/02/11 | DDI RULE 4520 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4520 |
| DDI RULE 4521 | CVE-2021-1707 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST) | HIGH | | 2021/02/11 | DDI RULE 4521 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4521 |
| DDI RULE 2472 | CARBANAK - DNS (Response) | HIGH | | 2021/02/11 | DDI RULE 2472 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2472 |
| DDI RULE 1542 | Possible CONFICKER DNS Response | HIGH | | 2021/02/11 | DDI RULE 1542 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1542 |
| DDI RULE 1543 | Possible CRILOCK DNS Response | HIGH | | 2021/02/11 | DDI RULE 1543 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1543 |
| DDI RULE 1544 | Possible CAPHAW DNS Response | HIGH | | 2021/02/11 | DDI RULE 1544 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1544 |
| DDI RULE 4518 | Possible NAT Slipstreaming - TCP (Request) | MEDIUM | | 2021/02/10 | DDI RULE 4518 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4518 |
| DDI RULE 4519 | COBALTSTRIKE - HTTPS (REQUEST) | HIGH | | 2021/02/09 | DDI RULE 4519 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4519 |
| DDI RULE 2544 | JAWS Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2021/02/09 | DDI RULE 2544 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2544 |
| DDI RULE 4517 | TORRENTLOCKER - HTTPS (REQUEST) | HIGH | | 2021/02/02 | DDI RULE 4517 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4517 |
| DDI RULE 4512 | TRICKBOT - HTTPS (REQUEST) | HIGH | | 2021/02/02 | DDI RULE 4512 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4512 |
| DDI RULE 4513 | EMPIRE - HTTPS (REQUEST) | HIGH | | 2021/02/01 | DDI RULE 4513 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4513 |
| DDI RULE 4514 | METASPLOIT - HTTPS (REQUEST) - Malicious SSL Connection | HIGH | | 2021/02/01 | DDI RULE 4514 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4514 |
| DDI RULE 4515 | QAKBOT - HTTP (RESPONSE) | HIGH | | 2021/02/01 | DDI RULE 4515 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4515 |
| DDI RULE 4506 | CVE-2021-2109 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2021/01/28 | DDI RULE 4506 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4506 |
| DDI RULE 4507 | GOOTKIT - HTTPS (REQUEST) | HIGH | | 2021/01/28 | DDI RULE 4507 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4507 |
| DDI RULE 4508 | GOZI - HTTPS (REQUEST) | HIGH | | 2021/01/28 | DDI RULE 4508 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4508 |
| DDI RULE 4509 | CVE-2019-11229 - Gitea Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2021/01/28 | DDI RULE 4509 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4509 |
| DDI RULE 4510 | RANSOM TROLDESH - HTTPS (REQUEST) | HIGH | | 2021/01/28 | DDI RULE 4510 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4510 |
| DDI RULE 4511 | QUAKBOT - HTTPS (REQUEST) | HIGH | | 2021/01/28 | DDI RULE 4511 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4511 |
| DDI RULE 4485 | CVE-2020-14882 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2021/01/28 | DDI RULE 4485 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4485 |
| DDI RULE 4502 | DRIDEX - HTTPS (REQUEST) | HIGH | | 2021/01/27 | DDI RULE 4502 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4502 |
| DDI RULE 4505 | RANSOM CRYPTOLOCK - HTTPS (REQUEST) | HIGH | | 2021/01/27 | DDI RULE 4505 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4505 |
| DDI RULE 4503 | SILENTNIGHT- ZLOADER - HTTP(RESPONSE) | MEDIUM | | 2021/01/26 | DDI RULE 4503 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4503 |
| DDI RULE 4498 | Sanfor EDR Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2021/01/25 | DDI RULE 4498 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4498 |
| DDI RULE 4467 | APT - WATERTIGER - HTTP (Response) | HIGH | | 2021/01/25 | DDI RULE 4467 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4467 |
| DDI RULE 4501 | Too many FTP Error Code 421 - FTP (Response) | MEDIUM | | 2021/01/20 | DDI RULE 4501 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4501 |
| DDI RULE 4490 | XML External Entity File Disclosure - HTTP (Request) | MEDIUM | | 2021/01/13 | DDI RULE 4490 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4490 |
| DDI RULE 1816 | GATAK - HTTP (Request) - Variant 2 | HIGH | | 2021/01/11 | DDI RULE 1816 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1816 |
| DDI RULE 4499 | Top-App LB SQL Injection Exploit - HTTP (Request) | HIGH | | 2020/12/29 | DDI RULE 4499 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4499 |
| DDI RULE 4500 | GRP-u8 SQL Injection - HTTP (Request) | HIGH | | 2020/12/28 | DDI RULE 4500 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4500 |
| DDI RULE 4497 | SQL Injection Exploit - HTTP (Request) - Variant 2 | MEDIUM | | 2020/12/28 | DDI RULE 4497 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4497 |
| DDI RULE 4494 | CVE-2020-17051 - NFS Exploit - UDP (REQUEST) | MEDIUM | | 2020/12/23 | DDI RULE 4494 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4494 |
| DDI RULE 4495 | Potential Social Security Info on TXT/CSV attachment - HTTP (Request) | MEDIUM | | 2020/12/23 | DDI RULE 4495 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4495 |
| DDI RULE 4496 | Potential Credit Card Info on TXT/CSV attachment - HTTP (Request) | MEDIUM | | 2020/12/23 | DDI RULE 4496 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4496 |
| DDI RULE 4453 | CVE-2020-1472 - Zerologon Privilege Escalation - DCERPC (Request) | HIGH | | 2020/12/23 | DDI RULE 4453 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4453 |
| DDI RULE 4493 | CVE-2020-17121 - SHAREPOINT RCE EXPLOIT - HTTP (Request) | MEDIUM | | 2020/12/21 | DDI RULE 4493 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4493 |
| DDI RULE 4492 | SUPERNOVA WEBSHELL - HTTP (RESPONSE) | HIGH | | 2020/12/17 | DDI RULE 4492 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4492 |
| DDI RULE 4491 | SUNBURST - DNS (RESPONSE) | HIGH | | 2020/12/15 | DDI RULE 4491 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4491 |
| DDI RULE 4486 | CVE-2020-11974 - Apache DolphinScheduler Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/12/15 | DDI RULE 4486 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4486 |
| DDI RULE 4487 | CVE-2020-5791 - Nagios XI Command Injection - HTTP (Request) | HIGH | | 2020/12/15 | DDI RULE 4487 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4487 |
| DDI RULE 4488 | CVE-2020-5398 - Spring Framework Reflected File Download Exploit - HTTP (Request) | HIGH | | 2020/12/15 | DDI RULE 4488 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4488 |
| DDI RULE 4489 | CVE-2019-8394 - ZOHO FILEUPLOAD EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2020/12/14 | DDI RULE 4489 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4489 |
| DDI RULE 4484 | GOLDENSPY - HTTP (REQUEST) | HIGH | | 2020/12/14 | DDI RULE 4484 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4484 |
| DDI RULE 4482 | Browser Exploitation Framework Tool - HTTP (Request) | MEDIUM | | 2020/12/14 | DDI RULE 4482 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4482 |
| DDI RULE 4447 | Potential Credit Card Info on ICMP Echo - ICMP (Request) | MEDIUM | | 2020/12/14 | DDI RULE 4447 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4447 |
| DDI RULE 1471 | JACKPOS - HTTP (Request) | HIGH | | 2020/12/14 | DDI RULE 1471 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1471 |
| DDI RULE 4481 | SQL Injection Exploit - HTTP (Request) | MEDIUM | | 2020/12/03 | DDI RULE 4481 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4481 |
| DDI RULE 2492 | KARAGANY - HTTP (Request) | HIGH | | 2020/12/02 | DDI RULE 2492 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2492 |
| DDI RULE 4478 | CVE-2020-2551 - Oracle Weblogic Remote Code Execution Exploit - TCP (Request) | HIGH | | 2020/11/26 | DDI RULE 4478 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4478 |
| DDI RULE 4479 | NTLM v1 Authentication - SMB (Request) | MEDIUM | | 2020/11/24 | DDI RULE 4479 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4479 |
| DDI RULE 4480 | XXL-JOB Remote Code Execution Exploit - HTTP (REQUEST) | HIGH | | 2020/11/24 | DDI RULE 4480 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4480 |
| DDI RULE 4462 | Metasploit (Payload) - RC4 Encrypted Reverse TCP - TCP (Request) | MEDIUM | | 2020/11/19 | DDI RULE 4462 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4462 |
| DDI RULE 1706 | LDAP SASL Connection Detected | HIGH | | 2020/11/19 | DDI RULE 1706 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1706 |
| DDI RULE 4477 | Remote System Discovery - LDAP (REQUEST) - Variant 2 | HIGH | | 2020/11/11 | DDI RULE 4477 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4477 |
| DDI RULE 2713 | AVTECH Command Injection - Multiple Exploits - HTTP (Request) | HIGH | | 2020/11/10 | DDI RULE 2713 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2713 |
| DDI RULE 4476 | WOL- Wake on lan - UDP (REQUEST) | HIGH | | 2020/11/06 | DDI RULE 4476 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4476 |
| DDI RULE 2018 | DUNIHI HTTP Response | HIGH | | 2020/11/05 | DDI RULE 2018 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2018 |
| DDI RULE 4474 | File renamed - RYUK - Ransomware - SMB (Request) | HIGH | | 2020/11/03 | DDI RULE 4474 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4474 |
| DDI RULE 4475 | File renamed - RYUK - Ransomware - SMB2 (Request) | HIGH | | 2020/11/03 | DDI RULE 4475 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4475 |
| DDI RULE 4473 | MSXSL Code Execution - HTTP (Response) | MEDIUM | | 2020/11/02 | DDI RULE 4473 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4473 |
| DDI RULE 4471 | CVE-2016-4977 - Spring Security OAuth Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/10/29 | DDI RULE 4471 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4471 |
| DDI RULE 4472 | POSSIBLE NGROK - HTTPS (REQUEST) | MEDIUM | | 2020/10/27 | DDI RULE 4472 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4472 |
| DDI RULE 4470 | CVE-2020-16952 - Microsoft SharePoint Remote Code Execution - HTTP (Request) | HIGH | | 2020/10/26 | DDI RULE 4470 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4470 |
| DDI RULE 1068 | APT - GHOSTRAT - TCP | HIGH | | 2020/10/26 | DDI RULE 1068 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1068 |
| DDI RULE 2333 | CVE-2017-0016 - Tree Connect Denial of Service Exploit - SMB2 (Response) | HIGH | | 2020/10/19 | DDI RULE 2333 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2333 |
| DDI RULE 2247 | DEMO RULE - SMB (Request) | HIGH | | 2020/10/19 | DDI RULE 2247 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2247 |
| DDI RULE 4469 | APT - COBALTSRIKE - HTTP (RESPONSE) | HIGH | | 2020/10/19 | DDI RULE 4469 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4469 |
| DDI RULE 4222 | PST File Upload | LOW | | 2020/10/19 | DDI RULE 4222 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4222 |
| DDI RULE 4468 | CVE-2020-16898 - EXPLOIT - ICMPv6 (REQUEST) | HIGH | | 2020/10/15 | DDI RULE 4468 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4468 |
| DDI RULE 4466 | PsExec Clones - SMB2 (Request) | HIGH | | 2020/10/14 | DDI RULE 4466 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4466 |
| DDI RULE 4465 | Remote System Discovery - LSARPC (REQUEST) | MEDIUM | | 2020/10/08 | DDI RULE 4465 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4465 |
| DDI RULE 4463 | QAKBOT - Malicious Certificate - SSL - Variant 3 | HIGH | | 2020/10/08 | DDI RULE 4463 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4463 |
| DDI RULE 4455 | CVE-2020-1472 - Zerologon Privilege Escalation - SMB2 (Request) | MEDIUM | | 2020/10/08 | DDI RULE 4455 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4455 |
| DDI RULE 4459 | CVE-2020-1472 - Zerologon Privilege Escalation - SMB (Request) | HIGH | | 2020/10/08 | DDI RULE 4459 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4459 |
| DDI RULE 4300 | WMI Command Execution - DCERPC (Request) | LOW | | 2020/10/08 | DDI RULE 4300 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4300 |
| DDI RULE 1022 | WMI Remote Registry - DCERPC (Request) | LOW | | 2020/10/08 | DDI RULE 1022 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1022 |
| DDI RULE 4464 | Remote System Discovery - LDAP (REQUEST) | MEDIUM | | 2020/10/07 | DDI RULE 4464 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4464 |
| DDI RULE 2849 | CVE-2019-9194-HTTP RCE - ELFINDER (Request) | HIGH | | 2020/10/07 | DDI RULE 2849 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2849 |
| DDI RULE 4460 | CVE-2017-17485 - Jackson Databind Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/10/05 | DDI RULE 4460 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4460 |
| DDI RULE 4461 | CVE-2017-7504 - JBossMQ JMS Invocation Layer Exploit - HTTP (Request) | HIGH | | 2020/10/05 | DDI RULE 4461 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4461 |
| DDI RULE 2212 | Possible Brute force - RDP | LOW | | 2020/10/05 | DDI RULE 2212 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2212 |
| DDI RULE 2388 | Unsuccessful logon - RDP | LOW | | 2020/10/05 | DDI RULE 2388 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2388 |
| DDI RULE 4142 | SSL Connection | LOW | | 2020/09/29 | DDI RULE 4142 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4142 |
| DDI RULE 4143 | Malicious SSL Client Connection | HIGH | | 2020/09/29 | DDI RULE 4143 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4143 |
| DDI RULE 4144 | Malicious SSL Server Connection | HIGH | | 2020/09/29 | DDI RULE 4144 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4144 |
| DDI RULE 4145 | Malicious SSL Connection | HIGH | | 2020/09/29 | DDI RULE 4145 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4145 |
| DDI RULE 4146 | Suspicious SSL Connection | MEDIUM | | 2020/09/29 | DDI RULE 4146 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4146 |
| DDI RULE 4147 | Suspicious SSL Client Connection | LOW | | 2020/09/29 | DDI RULE 4147 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4147 |
| DDI RULE 4148 | Suspicious SSL Server Connection | LOW | | 2020/09/29 | DDI RULE 4148 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4148 |
| DDI RULE 2210 | Metasploit (Payload) - Reverse TCP Patchup Meterpreter | HIGH | | 2020/09/28 | DDI RULE 2210 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2210 |
| DDI RULE 2751 | Remote Command Shell - TCP | HIGH | | 2020/09/24 | DDI RULE 2751 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2751 |
| DDI RULE 2752 | Remote PowerShell - TCP | HIGH | | 2020/09/24 | DDI RULE 2752 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2752 |
| DDI RULE 2664 | CreateService - SMB (Request) | HIGH | | 2020/09/21 | DDI RULE 2664 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2664 |
| DDI RULE 4443 | Logon successful - SSH | HIGH | | 2020/09/21 | DDI RULE 4443 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4443 |
| DDI RULE 4444 | Unsuccessful logon - SSH | HIGH | | 2020/09/21 | DDI RULE 4444 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4444 |
| DDI RULE 4445 | Possible Brute force - SSH | HIGH | | 2020/09/21 | DDI RULE 4445 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4445 |
| DDI RULE 4450 | SERVER PROTECT RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/09/17 | DDI RULE 4450 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4450 |
| DDI RULE 4451 | APT - MUDDYWATER - HTTP (Request) | HIGH | | 2020/09/17 | DDI RULE 4451 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4451 |
| DDI RULE 4452 | CVE-2020-0911 - EXPLOIT - ICMPv6 (REQUEST) | HIGH | | 2020/09/16 | DDI RULE 4452 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4452 |
| DDI RULE 4429 | Remote Service execution through SMB2 SVCCTL detected - Variant 2 | HIGH | | 2020/09/15 | DDI RULE 4429 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4429 |
| DDI RULE 4449 | Remote Service execution through SMB2 SVCCTL detected - Variant 3 | HIGH | | 2020/09/14 | DDI RULE 4449 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4449 |
| DDI RULE 4448 | WORDPRESS PLUGIN FILEMANAGER EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/09/08 | DDI RULE 4448 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4448 |
| DDI RULE 4442 | APT - DROVORUB - WEBSOCKET (RESPONSE) | HIGH | | 2020/09/07 | DDI RULE 4442 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4442 |
| DDI RULE 4446 | Apache Struts Potential Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/09/01 | DDI RULE 4446 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4446 |
| DDI RULE 4436 | SQL Injection Remote Code Execution Sensor - HTTP (Request) | LOW | | 2020/08/24 | DDI RULE 4436 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4436 |
| DDI RULE 4437 | CVE-2014-9295 - Buffer Overflow - NTP (Request) | HIGH | | 2020/08/24 | DDI RULE 4437 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4437 |
| DDI RULE 4438 | CVE-2015-7855 - Denial of Service via decodenetnum - NTP (Request) | HIGH | | 2020/08/24 | DDI RULE 4438 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4438 |
| DDI RULE 4439 | CVE-2016-7434 - Denial of Service via mrulist - NTP (Request) | HIGH | | 2020/08/24 | DDI RULE 4439 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4439 |
| DDI RULE 4440 | CVE-2016-9312 - Possible Denial of Service via large packets - NTP (Request) | LOW | | 2020/08/24 | DDI RULE 4440 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4440 |
| DDI RULE 4441 | QAKBOT - Malicious Certificate - SSL - Variant 2 | HIGH | | 2020/08/20 | DDI RULE 4441 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4441 |
| DDI RULE 4434 | CVE-2020-9484 - Apache Tomcat Deserialization Remote Code Execution - HTTP (Request) | HIGH | | 2020/08/10 | DDI RULE 4434 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4434 |
| DDI RULE 1600 | Report Server ID MODBUS Request | HIGH | | 2020/08/06 | DDI RULE 1600 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1600 |
| DDI RULE 1598 | Non-Modbus Communication Request | HIGH | | 2020/08/06 | DDI RULE 1598 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1598 |
| DDI RULE 1599 | Illegal Packet Size - Possible DOS Attack MODBUS Request | HIGH | | 2020/08/06 | DDI RULE 1599 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1599 |
| DDI RULE 1122 | Office Document File Internal Transfer | LOW | | 2020/08/05 | DDI RULE 1122 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1122 |
| DDI RULE 1123 | Office Document File Upload | LOW | | 2020/08/05 | DDI RULE 1123 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1123 |
| DDI RULE 1119 | HTTP Request - Hostname is an IP address | LOW | | 2020/08/05 | DDI RULE 1119 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1119 |
| DDI RULE 1126 | Executable file via FTP - class 1 | LOW | | 2020/08/05 | DDI RULE 1126 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1126 |
| DDI RULE 2289 | Unsuccessful logon - FTP | LOW | | 2020/08/05 | DDI RULE 2289 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2289 |
| DDI RULE 2290 | Possible Brute force - FTP | LOW | | 2020/08/05 | DDI RULE 2290 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2290 |
| DDI RULE 4430 | Unencrypted REMCOS - TCP (Request) | HIGH | | 2020/07/30 | DDI RULE 4430 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4430 |
| DDI RULE 4432 | NGIOWEB - HTTP (REQUEST) | HIGH | | 2020/07/30 | DDI RULE 4432 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4432 |
| DDI RULE 4433 | APT - SUNFOU - HTTP (REQUEST) | HIGH | | 2020/07/30 | DDI RULE 4433 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4433 |
| DDI RULE 2793 | APT - WINNTI - HTTP (Response) | HIGH | | 2020/07/30 | DDI RULE 2793 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2793 |
| DDI RULE 2874 | ZEROSHELL RCE EXPLOIT - HTTP (Request) | HIGH | | 2020/07/30 | DDI RULE 2874 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2874 |
| DDI RULE 1764 | Possible Superfish SSL certificate detected | LOW | | 2020/07/29 | DDI RULE 1764 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1764 |
| DDI RULE 2890 | INFOSTEAL - HTTP (Request) - Variant 5 | HIGH | | 2020/07/28 | DDI RULE 2890 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2890 |
| DDI RULE 1052 | IP Malicious - Class 1 | LOW | | 2020/07/27 | DDI RULE 1052 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1052 |
| DDI RULE 4427 | APT - WELLMAIL - Malicious Certificate - SSL (Response) | HIGH | | 2020/07/23 | DDI RULE 4427 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4427 |
| DDI RULE 4428 | APT - WELLMESS - Malicious Certificate - SSL (Response) | HIGH | | 2020/07/23 | DDI RULE 4428 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4428 |
| DDI RULE 4425 | CVE-2020-1350 - DNS OVER TCP EXPLOIT - DNS (Response) | HIGH | | 2020/07/22 | DDI RULE 4425 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4425 |
| DDI RULE 4426 | CVE-2020-1350 - DNS OVER TCP EXPLOIT - TCP (Request) | HIGH | | 2020/07/22 | DDI RULE 4426 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4426 |
| DDI RULE 2000 | Metasploit(Payload) - Reverse DLL Inject - TCP (Response) | HIGH | | 2020/07/22 | DDI RULE 2000 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2000 |
| DDI RULE 2211 | Unsuccessful logon using default Administrator account - RDP | LOW | | 2020/07/20 | DDI RULE 2211 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2211 |
| DDI RULE 2213 | Possible Brute force using privileged user - RDP | LOW | | 2020/07/20 | DDI RULE 2213 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2213 |
| DDI RULE 2391 | Busybox Checking - TELNET (Request) | HIGH | | 2020/07/13 | DDI RULE 2391 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2391 |
| DDI RULE 4424 | CVE-2020-5902 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/07/09 | DDI RULE 4424 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4424 |
| DDI RULE 4322 | possible Directory Traversal Exploit Attempted - URI Path - HTTP (Request) - Variant 2 | HIGH | | 2020/07/09 | DDI RULE 4322 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4322 |
| DDI RULE 4321 | POWERTRICK - HTTP (REQUEST) | HIGH | | 2020/07/06 | DDI RULE 4321 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4321 |
| DDI RULE 4207 | CVE-2019-11354 - DOTPROJECT SQL Injection - HTTP (Request) | HIGH | | 2020/07/01 | DDI RULE 4207 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4207 |
| DDI RULE 2663 | APT - EXFRAM - TCP (Request) | HIGH | | 2020/06/23 | DDI RULE 2663 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2663 |
| DDI RULE 4309 | APT - LODEINFO - HTTP (Request) | HIGH | | 2020/06/23 | DDI RULE 4309 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4309 |
| DDI RULE 4311 | APT - BOTLODR - HTTP (REQUEST) | HIGH | | 2020/06/23 | DDI RULE 4311 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4311 |
| DDI RULE 4313 | MALXMR - HTTP (REQUEST) | HIGH | | 2020/06/23 | DDI RULE 4313 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4313 |
| DDI RULE 4305 | APT - KSDOOR - HTTP (REQUEST) | HIGH | | 2020/06/23 | DDI RULE 4305 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4305 |
| DDI RULE 4230 | APT - DATPER - HTTP (Request) | HIGH | | 2020/06/23 | DDI RULE 4230 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4230 |
| DDI RULE 2019 | APT - DALGAN - HTTP (Request) | HIGH | | 2020/06/23 | DDI RULE 2019 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2019 |
| DDI RULE 1774 | APT - Possible EMDIVI - HTTP (Request) - Variant 5 | LOW | | 2020/06/23 | DDI RULE 1774 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1774 |
| DDI RULE 1046 | APT - Connection attempt to an APT-related CNC server detected | HIGH | | 2020/06/23 | DDI RULE 1046 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1046 |
| DDI RULE 1549 | APT - WINNTI - HTTP (Request) | HIGH | | 2020/06/23 | DDI RULE 1549 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1549 |
| DDI RULE 1704 | APT - TALERET - HTTP (Request) - Variant 2 | HIGH | | 2020/06/23 | DDI RULE 1704 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1704 |
| DDI RULE 1139 | DORKBOT IRC Request - Class 1 | HIGH | | 2020/06/22 | DDI RULE 1139 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1139 |
| DDI RULE 2481 | DOWNLOADER - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2481 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2481 |
| DDI RULE 2467 | RETEFE - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2467 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2467 |
| DDI RULE 2443 | SPORA - Ransomware - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2443 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2443 |
| DDI RULE 4303 | Executable file download from root directory - HTTP (Response) | LOW | | 2020/06/17 | DDI RULE 4303 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4303 |
| DDI RULE 4304 | Executable file download - HTTP (Response) | LOW | | 2020/06/17 | DDI RULE 4304 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4304 |
| DDI RULE 4323 | CVE-2019-19781 - CITRIX ADC DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/17 | DDI RULE 4323 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4323 |
| DDI RULE 4355 | CVE-2020-8794 - OPENSMTPD RCE EXPLOIT - SMTP (RESPONSE) | HIGH | | 2020/06/17 | DDI RULE 4355 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4355 |
| DDI RULE 4423 | ACIDBAT - TCP (Request) | MEDIUM | | 2020/06/17 | DDI RULE 4423 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4423 |
| DDI RULE 4380 | CVE-2020-5722 - GRANDSTREAM RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/17 | DDI RULE 4380 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4380 |
| DDI RULE 4398 | CVE-2020-12109 - TPLINK RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/17 | DDI RULE 4398 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4398 |
| DDI RULE 2650 | ANDROM - HTTP (Response) | MEDIUM | | 2020/06/17 | DDI RULE 2650 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2650 |
| DDI RULE 2653 | PHOTOMINER - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2653 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2653 |
| DDI RULE 2715 | MINER CONFIG - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2715 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2715 |
| DDI RULE 2767 | Window Shell Remote Code Execution - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2767 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2767 |
| DDI RULE 2757 | ELF File requested from root directory - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2757 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2757 |
| DDI RULE 2731 | KAIXIN - Exploit Kit - HTTP (Response) - Variant 5 | HIGH | | 2020/06/17 | DDI RULE 2731 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2731 |
| DDI RULE 2504 | CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2504 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2504 |
| DDI RULE 2514 | TERROR - Exploit Kit - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2514 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2514 |
| DDI RULE 2542 | MINER - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2542 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2542 |
| DDI RULE 2591 | KRBANKER - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2591 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2591 |
| DDI RULE 2585 | Ratankba Downloader - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2585 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2585 |
| DDI RULE 2608 | EMOTET - HTTP (Response) - Variant 2 | HIGH | | 2020/06/17 | DDI RULE 2608 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2608 |
| DDI RULE 2609 | HANCITOR - HTTP (Request) - Variant 3 | HIGH | | 2020/06/17 | DDI RULE 2609 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2609 |
| DDI RULE 2616 | Suspicious CWS Flash - HTTP (Response) | MEDIUM | | 2020/06/17 | DDI RULE 2616 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2616 |
| DDI RULE 2617 | GANDCRAB - Ransomware - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2617 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2617 |
| DDI RULE 2620 | Suspicious Executable File Download - HTTP (Response) | HIGH | | 2020/06/17 | DDI RULE 2620 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2620 |
| DDI RULE 4181 | TREVOR - HTTP (Response) | MEDIUM | | 2020/06/17 | DDI RULE 4181 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4181 |
| DDI RULE 2825 | CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request) | HIGH | | 2020/06/17 | DDI RULE 2825 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2825 |
| DDI RULE 2939 | CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 2939 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2939 |
| DDI RULE 4204 | CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4204 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4204 |
| DDI RULE 4111 | CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4111 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4111 |
| DDI RULE 4113 | CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4113 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4113 |
| DDI RULE 4114 | CVE-2012-4869 PBX RCE Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4114 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4114 |
| DDI RULE 2588 | CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 2588 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2588 |
| DDI RULE 2517 | CVE-2017-14493 - DNSMASQ Buffer Overflow Exploit - DHCP (Request) | HIGH | | 2020/06/16 | DDI RULE 2517 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2517 |
| DDI RULE 2518 | CVE-2017-14496 - DNSMASQ Integer Underflow Exploit - DNS (Request) | HIGH | | 2020/06/16 | DDI RULE 2518 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2518 |
| DDI RULE 4391 | COBEACON - DNS (Response) | HIGH | | 2020/06/16 | DDI RULE 4391 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4391 |
| DDI RULE 4383 | CVE-2020-7961 - LIFERAY PORTAL RCE EXPLOIT - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4383 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4383 |
| DDI RULE 4401 | CVE-2020-13118 - MIKROTIK SQL INJECT - HTTP (REQUEST) | HIGH | | 2020/06/16 | DDI RULE 4401 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4401 |
| DDI RULE 4324 | CVE-2019-20197 - NAGIOSXI Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4324 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4324 |
| DDI RULE 4325 | CVE-2019-10758 - MONGODB RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/16 | DDI RULE 4325 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4325 |
| DDI RULE 4217 | CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request) | HIGH | | 2020/06/16 | DDI RULE 4217 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4217 |
| DDI RULE 4242 | CVE-2018-18778 - ACME File Discovery Exploit - HTTP (RESPONSE) | MEDIUM | | 2020/06/16 | DDI RULE 4242 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4242 |
| DDI RULE 4248 | CVE-2019-2618 - WEBLOGIC FILE UPLOAD EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2020/06/16 | DDI RULE 4248 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4248 |
| DDI RULE 4267 | CVE-2019-11043 - PHP RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/16 | DDI RULE 4267 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4267 |
| DDI RULE 4277 | CVE-2019-5127 - YOUPHPTUBE COMMAND INJECTION - HTTP (REQUEST) | HIGH | | 2020/06/16 | DDI RULE 4277 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4277 |
| DDI RULE 2253 | CVE-2016-2776 DNS ISC BIND TSIG EXPLOIT - DNS (Request) | HIGH | | 2020/06/16 | DDI RULE 2253 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2253 |
| DDI RULE 1531 | Possible SSL CVE-2014-0224 CCS Injection - Class 1 | MEDIUM | | 2020/06/16 | DDI RULE 1531 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1531 |
| DDI RULE 1010 | PE_XPAJ TCP Connection - Class 1 | HIGH | | 2020/06/15 | DDI RULE 1010 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1010 |
| DDI RULE 2448 | REGEORG - HTTP (Response) | HIGH | | 2020/06/15 | DDI RULE 2448 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2448 |
| DDI RULE 2377 | CVE-2017-9073 - Remote Code Execution - RDP | HIGH | | 2020/06/15 | DDI RULE 2377 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2377 |
| DDI RULE 4278 | CVE-2019-5121 - YOUPHPTUBE SQL INJECTION - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4278 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4278 |
| DDI RULE 4273 | CVE-2019-16278 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4273 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4273 |
| DDI RULE 4274 | CVE-2007-5693 - Sitebar Remote Code Execution EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4274 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4274 |
| DDI RULE 4251 | CVE-2019-16920 - DLINK RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4251 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4251 |
| DDI RULE 4218 | CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request) | HIGH | | 2020/06/15 | DDI RULE 4218 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4218 |
| DDI RULE 4339 | CVE-2018-7777 - SCHNEIDER RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4339 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4339 |
| DDI RULE 4333 | CVE-2019-18396 - TECHNICOLOR RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4333 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4333 |
| DDI RULE 4400 | CVE-2019-7193 - QNAP RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4400 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4400 |
| DDI RULE 4421 | CVE-2020-1301 - RCE DDOS EXPLOIT - SMB (Request) | MEDIUM | | 2020/06/15 | DDI RULE 4421 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4421 |
| DDI RULE 4422 | Possible CVE-2020-1206 - BLEED EXPLOIT - (Request) | MEDIUM | | 2020/06/15 | DDI RULE 4422 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4422 |
| DDI RULE 4379 | CVE-2019-20499 - DLINK DWL RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4379 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4379 |
| DDI RULE 4372 | CVE-2020-8949 - GOCLOUD RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4372 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4372 |
| DDI RULE 4373 | CVE-2020-9026 - ELTEX RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/15 | DDI RULE 4373 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4373 |
| DDI RULE 2589 | LOKI - HTTP (Response) | HIGH | | 2020/06/15 | DDI RULE 2589 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2589 |
| DDI RULE 2723 | MAGNITUDE - Exploit Kit - HTTP (Response) | HIGH | | 2020/06/15 | DDI RULE 2723 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2723 |
| DDI RULE 2750 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/06/15 | DDI RULE 2750 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2750 |
| DDI RULE 2701 | Possible EMOTET - HTTP (Response) - Variant 3 | HIGH | | 2020/06/15 | DDI RULE 2701 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2701 |
| DDI RULE 4112 | CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request) | HIGH | | 2020/06/15 | DDI RULE 4112 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4112 |
| DDI RULE 4188 | CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request) | HIGH | | 2020/06/15 | DDI RULE 4188 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4188 |
| DDI RULE 4259 | MDMP File Upload | LOW | | 2020/06/12 | DDI RULE 4259 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4259 |
| DDI RULE 4260 | Log Files Upload | LOW | | 2020/06/12 | DDI RULE 4260 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4260 |
| DDI RULE 4403 | SSH on Non-Standard Port - Request | MEDIUM | | 2020/06/11 | DDI RULE 4403 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4403 |
| DDI RULE 4415 | JSPSPY Webshell - HTTP (Request) - Variant 2 | HIGH | | 2020/06/08 | DDI RULE 4415 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4415 |
| DDI RULE 4419 | Zyxel - Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2020/06/08 | DDI RULE 4419 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4419 |
| DDI RULE 4420 | SHELLRESET - DATA EXFILTRATION - HTTP (Request) | HIGH | | 2020/06/08 | DDI RULE 4420 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4420 |
| DDI RULE 2639 | CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request) | HIGH | | 2020/06/08 | DDI RULE 2639 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2639 |
| DDI RULE 4418 | Possible CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) - Variant 2 | MEDIUM | | 2020/06/05 | DDI RULE 4418 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4418 |
| DDI RULE 4416 | CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/06/04 | DDI RULE 4416 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4416 |
| DDI RULE 4417 | CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) - Variant 2 | HIGH | | 2020/06/04 | DDI RULE 4417 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4417 |
| DDI RULE 4402 | CVE-2020-11652 - Saltstack Directory Traversal - TCP (Request) | HIGH | | 2020/06/03 | DDI RULE 4402 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4402 |
| DDI RULE 4414 | ThinkPHP 5x Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2020/06/03 | DDI RULE 4414 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4414 |
| DDI RULE 4399 | CVE-2020-11651 - Saltstack Remote Code Execution Exploit - TCP (Request) | HIGH | | 2020/06/03 | DDI RULE 4399 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4399 |
| DDI RULE 2500 | Executable Image Download - HTTP (Response) | MEDIUM | | 2020/06/03 | DDI RULE 2500 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2500 |
| DDI RULE 4413 | Possible Directory Traversal Exploit Attempted SENSOR - HEADERS - HTTP (Request) | LOW | | 2020/06/02 | DDI RULE 4413 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4413 |
| DDI RULE 4412 | CVE-2020-8617 - NXNSATTACK - DNS (REQUEST) | HIGH | | 2020/06/01 | DDI RULE 4412 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4412 |
| DDI RULE 4397 | ACTIVE DIRECTORY GPO DEPLOY COMMAND - SMB2 (Response) | HIGH | | 2020/05/28 | DDI RULE 4397 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4397 |
| DDI RULE 2837 | CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/05/26 | DDI RULE 2837 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2837 |
| DDI RULE 2654 | Powershell - SMB | MEDIUM | | 2020/05/14 | DDI RULE 2654 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2654 |
| DDI RULE 4235 | Remote CreateService - SMB2 (Request) | HIGH | | 2020/05/14 | DDI RULE 4235 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4235 |
| DDI RULE 4236 | Meterpreter Powershell - SMB2 (Request) | HIGH | | 2020/05/14 | DDI RULE 4236 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4236 |
| DDI RULE 4395 | HADGLIDER - HTTP (REQUEST) | HIGH | | 2020/05/13 | DDI RULE 4395 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4395 |
| DDI RULE 4389 | APT - GRIFFON - HTTP (Request) | HIGH | | 2020/05/13 | DDI RULE 4389 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4389 |
| DDI RULE 4390 | CobaltStrike - HTTPS (Request) | LOW | | 2020/05/12 | DDI RULE 4390 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4390 |
| DDI RULE 4392 | CVE-2020-12078 - OPENAUDIT RCE EXPLOIT - HTTP (Request) | HIGH | | 2020/05/11 | DDI RULE 4392 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4392 |
| DDI RULE 4393 | CVE-2020-10808 - IFS UNIX EXPLOIT - FTP (Request) | HIGH | | 2020/05/11 | DDI RULE 4393 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4393 |
| DDI RULE 4394 | CVE-2020-2883 - WEBLOGIC T3 EXPLOIT - TCP (REQUEST) | HIGH | | 2020/05/11 | DDI RULE 4394 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4394 |
| DDI RULE 1641 | CVE-2014-6277 - SHELLSHOCK HTTP Exploit | HIGH | | 2020/05/11 | DDI RULE 1641 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1641 |
| DDI RULE 4387 | Possible SoftEther VPN Client - HTTPS (REQUEST) | MEDIUM | | 2020/05/06 | DDI RULE 4387 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4387 |
| DDI RULE 4386 | CVE-2020-3952 - VSPHERE EXPLOIT - LDAP (Request) | LOW | | 2020/05/05 | DDI RULE 4386 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4386 |
| DDI RULE 4385 | Invalid Credentials - LDAP (Response) | LOW | | 2020/05/04 | DDI RULE 4385 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4385 |
| DDI RULE 4384 | UNIX IFS SHELL RCE - HTTP (Request) | LOW | | 2020/04/29 | DDI RULE 4384 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4384 |
| DDI RULE 1502 | Possible Malformed Heartbeat SSL Response - Class 1 | MEDIUM | | 2020/04/29 | DDI RULE 1502 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1502 |
| DDI RULE 1503 | Possible Malformed Heartbeat SSL Response - Class 2 | MEDIUM | | 2020/04/29 | DDI RULE 1503 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1503 |
| DDI RULE 2363 | QAKBOT - Malicious certificate - SSL | HIGH | | 2020/04/28 | DDI RULE 2363 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2363 |
| DDI RULE 2412 | TRICKBOT - Malicious certificate - SSL | HIGH | | 2020/04/28 | DDI RULE 2412 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2412 |
| DDI RULE 2005 | Possible EDELLROOT certificate detected | HIGH | | 2020/04/28 | DDI RULE 2005 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2005 |
| DDI RULE 4382 | CGIBIN Unauthenticated Remote Code Execution - HTTP (REQUEST) - Variant 2 | HIGH | | 2020/04/27 | DDI RULE 4382 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4382 |
| DDI RULE 4381 | Possible Pseudorandom Subdomain Attack - DNS (Response) | LOW | | 2020/04/23 | DDI RULE 4381 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4381 |
| DDI RULE 4249 | NEGASTEAL - SMTP (Request) | HIGH | | 2020/04/22 | DDI RULE 4249 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4249 |
| DDI RULE 4297 | PAEXEC - SMB2 (REQUEST) | HIGH | | 2020/04/21 | DDI RULE 4297 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4297 |
| DDI RULE 2342 | IMEIJ - TCP | HIGH | | 2020/04/21 | DDI RULE 2342 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2342 |
| DDI RULE 1183 | ZBOT - DNS (Request) | MEDIUM | | 2020/04/20 | DDI RULE 1183 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1183 |
| DDI RULE 4337 | INFOSTEALER - HTTP (REQUEST) | HIGH | | 2020/04/13 | DDI RULE 4337 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4337 |
| DDI RULE 4376 | VALTAK - HTTP (REQUEST) - Variant 2 | HIGH | | 2020/04/02 | DDI RULE 4376 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4376 |
| DDI RULE 4377 | VALTAK - HTTP (REQUEST) | HIGH | | 2020/04/02 | DDI RULE 4377 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4377 |
| DDI RULE 4378 | PWNAGE - DNS (Response) | HIGH | | 2020/04/02 | DDI RULE 4378 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4378 |
| DDI RULE 2610 | Possible MEMCACHED Amplified DDOS Attempt - UDP (Request) | HIGH | | 2020/03/30 | DDI RULE 2610 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2610 |
| DDI RULE 2584 | POSGERAT Data Exfiltration - DNS (Response) | LOW | | 2020/03/30 | DDI RULE 2584 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2584 |
| DDI RULE 4199 | Amazon Phishing - DNS (Response) | HIGH | | 2020/03/30 | DDI RULE 4199 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4199 |
| DDI RULE 2280 | DUNIHI - TCP | HIGH | | 2020/03/30 | DDI RULE 2280 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2280 |
| DDI RULE 2308 | Possible DGA - DNS (Response) | MEDIUM | | 2020/03/30 | DDI RULE 2308 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2308 |
| DDI RULE 4374 | NETLINK GPON RCE EXPLOIT - HTTP(Request) | HIGH | | 2020/03/24 | DDI RULE 4374 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4374 |
| DDI RULE 4375 | CVE-2020-10221 - RCONFIG RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/03/24 | DDI RULE 4375 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4375 |
| DDI RULE 4265 | CVE-2019-16663 - RCONFIG RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/03/24 | DDI RULE 4265 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4265 |
| DDI RULE 4362 | CVE-2020-9054 - ZYXEL NAS - HTTP (REQUEST) | HIGH | | 2020/03/23 | DDI RULE 4362 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4362 |
| DDI RULE 2871 | Possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request) | HIGH | | 2020/03/19 | DDI RULE 2871 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2871 |
| DDI RULE 1184 | Possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request) | LOW | | 2020/03/19 | DDI RULE 1184 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1184 |
| DDI RULE 4347 | Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 2 | HIGH | | 2020/03/18 | DDI RULE 4347 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4347 |
| DDI RULE 4223 | APT - Suspicious Cgi - HTTP (Request) | HIGH | | 2020/03/18 | DDI RULE 4223 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4223 |
| DDI RULE 4366 | Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 3 | LOW | | 2020/03/18 | DDI RULE 4366 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4366 |
| DDI RULE 4348 | Suspicious Cgi Arbitrary File Upload - HTTP (Request) | HIGH | | 2020/03/17 | DDI RULE 4348 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4348 |
| DDI RULE 4338 | Suspicious File Upload - HTTP (Request) | HIGH | | 2020/03/17 | DDI RULE 4338 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4338 |
| DDI RULE 4367 | CVE-2020-9351 - SMARTCLIENT - Exploit - HTTP (Request) | LOW | | 2020/03/16 | DDI RULE 4367 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4367 |
| DDI RULE 4368 | CVE-2020-9353 - SMARTCLIENT Directory Traversal Exploit - HTTP (Request) | LOW | | 2020/03/16 | DDI RULE 4368 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4368 |
| DDI RULE 4369 | CVE-2020-9353 - SMARTCLIENT File Upload Exploit - HTTP (Request) | LOW | | 2020/03/16 | DDI RULE 4369 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4369 |
| DDI RULE 4370 | CCTV-DVR Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2020/03/16 | DDI RULE 4370 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4370 |
| DDI RULE 4371 | CVE-2020-8515 - DRAYTEK VIGOR Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/03/16 | DDI RULE 4371 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4371 |
| DDI RULE 4365 | CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) | HIGH | | 2020/03/16 | DDI RULE 4365 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4365 |
| DDI RULE 2385 | SOAP RCE EXPLOIT - HTTP (Request) | HIGH | | 2020/03/12 | DDI RULE 2385 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2385 |
| DDI RULE 4364 | RACCOON - HTTP (REQUEST) | HIGH | | 2020/03/11 | DDI RULE 4364 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4364 |
| DDI RULE 2867 | BELKIN Router - HTTP (Request) - Variant 2 | HIGH | | 2020/03/11 | DDI RULE 2867 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2867 |
| DDI RULE 2868 | ZTE Router - HTTP (Request) - Variant 2 | HIGH | | 2020/03/11 | DDI RULE 2868 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2868 |
| DDI RULE 4361 | DLINK Command Injection Exploit - HTTP (Request) - Variant 4 | HIGH | | 2020/03/09 | DDI RULE 4361 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4361 |
| DDI RULE 4363 | VIRTUALFREER RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/03/09 | DDI RULE 4363 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4363 |
| DDI RULE 4360 | Comtrend - Remote Command Execution Exploit - HTTP (REQUEST) | HIGH | | 2020/03/05 | DDI RULE 4360 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4360 |
| DDI RULE 4357 | CVE-2020-0688 - Microsoft Exchange Validation Key Remote Code Execution - HTTP (Request) | HIGH | | 2020/03/05 | DDI RULE 4357 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4357 |
| DDI RULE 4358 | Cloud Snooper - TCP Connection | HIGH | | 2020/03/05 | DDI RULE 4358 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4358 |
| DDI RULE 4359 | CVE-2020-9374 - TPLINK RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/03/05 | DDI RULE 4359 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4359 |
| DDI RULE 4316 | D-Link Unauthenticated Remote Code Execution in HTTP_ST - UDP (Request) | HIGH | | 2020/03/05 | DDI RULE 4316 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4316 |
| DDI RULE 4351 | CVE-2020-8813 - CACTI RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/03/04 | DDI RULE 4351 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4351 |
| DDI RULE 4356 | CVE-2019-17564 - Apache Dubbo Unauthenticated Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/03/04 | DDI RULE 4356 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4356 |
| DDI RULE 4353 | CVE-2019-19356 - NETIS Remote Code Execution - HTTP (Request) | HIGH | | 2020/03/03 | DDI RULE 4353 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4353 |
| DDI RULE 4354 | CVE-2020-1938 - TOMCAT AJP LFI EXPLOIT - TCP (Request) | MEDIUM | | 2020/03/03 | DDI RULE 4354 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4354 |
| DDI RULE 4287 | OpenNetAdmin Remote Code Execution Exploit (Request) | HIGH | | 2020/03/03 | DDI RULE 4287 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4287 |
| DDI RULE 4352 | ICMP SWEEP - ICMP (Request) | HIGH | | 2020/02/26 | DDI RULE 4352 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4352 |
| DDI RULE 4350 | CVE-2020-0618 - SQL Server Reporting Services Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/02/25 | DDI RULE 4350 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4350 |
| DDI RULE 4328 | CVE-2019-20224 - Pandora FMS 7.0NG Authenticated Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/25 | DDI RULE 4328 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4328 |
| DDI RULE 2912 | CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/02/24 | DDI RULE 2912 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2912 |
| DDI RULE 4346 | Bottle - Exploit Kit - HTTP (Request) | HIGH | | 2020/02/19 | DDI RULE 4346 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4346 |
| DDI RULE 4345 | EMOTET - HTTP (Request) - Variant 7 | HIGH | | 2020/02/13 | DDI RULE 4345 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4345 |
| DDI RULE 4341 | WAGO PFC200 RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/02/12 | DDI RULE 4341 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4341 |
| DDI RULE 4343 | AVCON6 Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/12 | DDI RULE 4343 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4343 |
| DDI RULE 4344 | CHEVERETO Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/12 | DDI RULE 4344 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4344 |
| DDI RULE 4320 | EMOTET - HTTP (Request) - Variant 6 | MEDIUM | | 2020/02/12 | DDI RULE 4320 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4320 |
| DDI RULE 4329 | KindEditor Possible WebShell File Upload Exploit - HTTP (Request) | MEDIUM | | 2020/02/11 | DDI RULE 4329 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4329 |
| DDI RULE 4314 | CVE-2019-17621 - DLINK Remote Code Execution - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4314 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4314 |
| DDI RULE 4315 | CVE-2019-9692 - CMS Made Simple Showtime2 Arbitrary File Upload Exploit - HTTP (Request) | MEDIUM | | 2020/02/11 | DDI RULE 4315 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4315 |
| DDI RULE 4310 | CVE-2018-9021 - BROADCOM ACCESS MANAGER Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4310 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4310 |
| DDI RULE 4270 | APACHE SOLR Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4270 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4270 |
| DDI RULE 4286 | CVE-2017-12945 - Mersive Solstice Remote Code Execution Exploit (Request) | MEDIUM | | 2020/02/11 | DDI RULE 4286 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4286 |
| DDI RULE 4331 | CVE-2020-6757 - PIXELSTOR Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4331 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4331 |
| DDI RULE 4332 | CVE-2017-9841 - PHPUnit Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2020/02/11 | DDI RULE 4332 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4332 |
| DDI RULE 4334 | CVE-2020-7799 - FUSIONAUTH Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4334 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4334 |
| DDI RULE 4335 | CVE-2020-7980 - Satellian Remote Code Execution - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4335 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4335 |
| DDI RULE 4288 | CVE-2019-5071 - TENDA RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/02/11 | DDI RULE 4288 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4288 |
| DDI RULE 4289 | CVE-2019-5072 - TENDA RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/02/11 | DDI RULE 4289 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4289 |
| DDI RULE 4275 | CVE-2019-7256 - LINEAR EMERGE Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2020/02/11 | DDI RULE 4275 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4275 |
| DDI RULE 4340 | ASTPP VOIP RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2020/02/10 | DDI RULE 4340 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4340 |
| DDI RULE 4336 | CVE-2019-19509 - rConfig Authenticated Remote Code Execution - HTTP (Request) | HIGH | | 2020/02/06 | DDI RULE 4336 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4336 |
| DDI RULE 2143 | SQLINJECT - HTTP (Request) | LOW | | 2020/02/05 | DDI RULE 2143 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2143 |
| DDI RULE 4294 | CVE-2019-1485 - VBScript Rremote Code Execution - HTTP (Request) | LOW | | 2020/02/03 | DDI RULE 4294 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4294 |
| DDI RULE 4330 | CVE-2020-0601 Spoofed Certificate Attempt - TLS (Response) | HIGH | | 2020/01/22 | DDI RULE 4330 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4330 |
| DDI RULE 4326 | APT - BISONAL - HTTP (Request) | HIGH | | 2020/01/22 | DDI RULE 4326 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4326 |
| DDI RULE 4327 | CVE-2019-19781 - CITRIX ADC EXPLOIT - HTTP (Response) | MEDIUM | | 2020/01/20 | DDI RULE 4327 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4327 |
| DDI RULE 4317 | APT - GH0STRAT - HTTP (Request) | HIGH | | 2020/01/14 | DDI RULE 4317 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4317 |
| DDI RULE 1572 | TROJAN - HTTP (Request) - Variant 43 | HIGH | | 2020/01/06 | DDI RULE 1572 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1572 |
| DDI RULE 1588 | TROJAN - HTTP (Request) - Variant 47 | HIGH | | 2020/01/06 | DDI RULE 1588 | /vinfo/de/threat-encyclopedia/network/ddi-rule-1588 |
| DDI RULE 2100 | NYMAIM - HTTP (Request) - Variant 2 | MEDIUM | | 2020/01/02 | DDI RULE 2100 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2100 |
| DDI RULE 2099 | NYMAIM - HTTP (Request) | HIGH | | 2020/01/02 | DDI RULE 2099 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2099 |
| DDI RULE 4312 | Umbraco CMS Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2020/01/02 | DDI RULE 4312 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4312 |
| DDI RULE 2710 | FLAWEDAMMYY - TCP (Request) | HIGH | | 2019/12/30 | DDI RULE 2710 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2710 |
| DDI RULE 2878 | APT - POORWEB - HTTP (Request) | HIGH | | 2019/12/23 | DDI RULE 2878 | /vinfo/de/threat-encyclopedia/network/ddi-rule-2878 |
| DDI RULE 4308 | KSDOOR - HTTP (REQUEST) - Variant 2 | MEDIUM | | 2019/12/23 | DDI RULE 4308 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4308 |
| DDI RULE 4306 | SQL INJECTION - EXPLOIT - HTTP (REQUEST) | HIGH | | 2019/12/23 | DDI RULE 4306 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4306 |
| DDI RULE 4307 | PUPY - Malicious Certificate - HTTPS (Response) | HIGH | | 2019/12/19 | DDI RULE 4307 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4307 |
| DDI RULE 4302 | Umbraco CMS Remote Code Execution - HTTP (Request) | HIGH | | 2019/12/17 | DDI RULE 4302 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4302 |
| DDI RULE 4299 | Remote Service execution through SMB2 SVCCTL detected | HIGH | | 2019/12/16 | DDI RULE 4299 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4299 |
| DDI RULE 4292 | MALPHISH - HTTP (REQUEST) - Variant 4 | HIGH | | 2019/12/16 | DDI RULE 4292 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4292 |
| DDI RULE 4293 | APACHE FLINK FILE UPLOAD EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2019/12/10 | DDI RULE 4293 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4293 |
| DDI RULE 4295 | POSSIBLE JSP WEBSHELL UPLOAD EXPLOIT - HTTP (REQUEST) | MEDIUM | | 2019/12/10 | DDI RULE 4295 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4295 |
| DDI RULE 4290 | VIDAR - HTTP (Request) | HIGH | | 2019/12/09 | DDI RULE 4290 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4290 |
| DDI RULE 4281 | CVE-2019-15683 - TURBOVNC Buffer Overflow Exploit - TCP (REQUEST) | MEDIUM | | 2019/12/09 | DDI RULE 4281 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4281 |
| DDI RULE 4282 | CVE-2019-8274 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST) | MEDIUM | | 2019/12/09 | DDI RULE 4282 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4282 |
| DDI RULE 4283 | CVE-2019-8276 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST) | MEDIUM | | 2019/12/09 | DDI RULE 4283 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4283 |
| DDI RULE 4252 | CVE-2019-11540 Pulse Secure Cross-Site Script Inclusion - HTTP (Request) | LOW | | 2019/12/09 | DDI RULE 4252 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4252 |
| DDI RULE 4253 | CVE-2019-11507 Pulse Secure Cross-Site Scripting - HTTP (Request) | LOW | | 2019/12/09 | DDI RULE 4253 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4253 |
| DDI RULE 4254 | CVE-2019-11542 Pulse Secure Stack Buffer Overflow - HTTP (Request) | LOW | | 2019/12/09 | DDI RULE 4254 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4254 |
| DDI RULE 4255 | CVE-2019-11539 Pulse Secure Command Injection - HTTP (Request) | LOW | | 2019/12/09 | DDI RULE 4255 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4255 |
| DDI RULE 4224 | CVE-2019-15846 EXIM TLS Flaw - HTTPS (Request) | MEDIUM | | 2019/12/05 | DDI RULE 4224 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4224 |
| DDI RULE 4219 | GHOSTMINER - HTTP (Request) | HIGH | | 2019/12/05 | DDI RULE 4219 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4219 |
| DDI RULE 4231 | APT - SUSPICIOUS CGI - HTTP (Request) | HIGH | | 2019/12/05 | DDI RULE 4231 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4231 |
| DDI RULE 4232 | EMOTET - HTTP (Request) - Variant 5 | HIGH | | 2019/12/05 | DDI RULE 4232 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4232 |
| DDI RULE 4233 | Data Exfiltration - DNS (Response) - Variant 2 | MEDIUM | | 2019/12/05 | DDI RULE 4233 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4233 |
| DDI RULE 4234 | TFLOWER - Malicious Certificate - HTTPS (Response) | HIGH | | 2019/12/05 | DDI RULE 4234 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4234 |
| DDI RULE 4220 | RIG - Exploit Kit - HTTP (Request) - Variant 8 | HIGH | | 2019/12/05 | DDI RULE 4220 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4220 |
| DDI RULE 4221 | Jenkins RCE Exploit - HTTP (Request)- Variant 2 | HIGH | | 2019/12/05 | DDI RULE 4221 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4221 |
| DDI RULE 4228 | XSS Href Exploit - HTTP (Request) | HIGH | | 2019/12/05 | DDI RULE 4228 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4228 |
| DDI RULE 4229 | YEALINK VOIP - COMMAND INJECTION - HTTP (Request) | HIGH | | 2019/12/05 | DDI RULE 4229 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4229 |
| DDI RULE 4243 | APT - SUSPICIOUS CGI DIRECTORY TRAVERSAL - HTTP (REQUEST) | HIGH | | 2019/12/05 | DDI RULE 4243 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4243 |
| DDI RULE 4245 | PHPSTUDY - HTTP (REQUEST) | HIGH | | 2019/12/05 | DDI RULE 4245 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4245 |
| DDI RULE 4246 | Possible CVE-2019-16928 - Exim Buffer Overflow Exploit - SMTP (Request) | MEDIUM | | 2019/12/05 | DDI RULE 4246 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4246 |
| DDI RULE 4237 | CVE-2019-5475 - Nexus Repo Manager Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2019/12/05 | DDI RULE 4237 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4237 |
| DDI RULE 4238 | CVE-2019-12922 - PHPMYADMIN CSRF - HTTP (Request) | MEDIUM | | 2019/12/05 | DDI RULE 4238 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4238 |
| DDI RULE 4240 | PANMICRO ECO RCE EXPLOIT - HTTP (REQUEST) | HIGH | | 2019/12/05 | DDI RULE 4240 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4240 |
| DDI RULE 4241 | BHU WIFI RCE EXPLOIT - HTTP (REQUEST) | LOW | | 2019/12/05 | DDI RULE 4241 | /vinfo/de/threat-encyclopedia/network/ddi-rule-4241 |