Keyword: bec_suspicious.ers
Description Name: Certificate fields with missing or useless data - SSL. This is the Trend Micro detection for packets passing through HTTPS network protocols that manifest unusual behavior, which can be a potential intrusion. Below are some indicators ...
Description Name: Possible EVASION - FTP (Request). This is the Trend Micro detection for packets passing through FTP network protocols that manifest unusual behavior, which can be a potential intrusion. Below are some indicators of unusual behavior: Sus...
Description Name: REGEORG - HTTP (Response).
Description Name: Multiple unsuccessful logon attempts. This is the Trend Micro detection for packets passing through any network protocols that manifest Login Attempt activities, which can be a potential intrusion. Below are some indicators of unusual ...
Description Name: Suspicious File Upload - HTTP (Request). This is the Trend Micro detection for the HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network beha...
Description Name: Suspicious Cgi Arbitrary File Upload - HTTP (Request). This is the Trend Micro detection for the HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type o...
Description Name: Invalid Credentials - LDAP (Response).
Description Name: Host DNS MX record query of a trusted domain. This is the Trend Micro detection for malicious N/A network packet
Description Name: Malformed DNS response. This is the Trend Micro detection for packets passing through UDP network protocols that manifest Callback activities, which can be a potential intrusion. Below are some indicators of unusual behavior: Suspicious...
Description Name: A default user attempted to log on to MSSQL service. This is the Trend Micro detection for packets passing through MSSQL network protocols that manifest Database Access activities, which can be a potential intrusion. Below are some ind...
Description Name: A default user attempted to log on to POSTGRES service. This is the Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities, which can be a potential intrusion. Below are so...
Description Name: Unsuccessful log on to POSTGRES service - Wrong password. This is the Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities, which can be a potential intrusion. Below are ...
Description Name: A default user attempted to log on to the Oracle service. This is the Trend Micro detection for packets passing through ORACLE network protocols that manifest Database Access activities, which can be a potential intrusion. Below are so...
Description Name: Remote Service execution through SMB ATSVC detected. This is the Trend Micro detection for packets passing through SMB network protocols that manifest Login Attempt actions, which can be a potential intrusion. Below are some indicators...
Description Name: Mobile device accessing critical server. This is the Trend Micro detection for packets passing through any network protocols that manifest unusual behavior, which can be a potential intrusion. Below are some indicators of unusual behav...
Server 1007379* - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Server Suspicious Server Application Activity 1008492* - Identified SambaShell C&C Traffic 1005910* - Identified ntpd
Desktop Protocol Vulnerability (CVE-2012-2526) Suspicious Client Application Activity 1005067* - Identified Potentially Harmful Client Traffic 1005283* - Identified Potentially Malicious RAT Traffic - I
(CVE-2019-11944) Remote Login Applications 1004364* - TeamViewer (ATT&CK T1219) Suspicious Client Application Activity 1005299* - Identified Potentially Malicious RAT Traffic - III (ATT&CK T1094) 1005300* -
Vulnerability (CVE-2019-11969) SSL/TLS Server 1010312 - Identified Suspicious TLS Request 1010316 - Identified Suspicious TLS Request - 1 1010258* - Microsoft Windows Transport Layer Security Denial of Service
Description Name: RPC POSSIBLE DCSYNC - DCE (REQUEST) - Variant 2. This is the Trend Micro detection for packets passing through DCE network protocols that manifest Grayware activities, which can be a potential intrusion. Below are some indicators of un...