Network Content Inspection Rules

Rule ID	Rule Description	Confidence Level	DDI Default Rule	Network Content Inspection Pattern Release Date
DDI RULE 4635	QAKBOT - HTTP (RESPONSE) - Variant 2	High		2021/11/02	DDI RULE 4635	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4635
DDI RULE 4634	Encryption Channel - HTTP(Request)	High		2021/10/27	DDI RULE 4634	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4634
DDI RULE 4257	ANTSWORD - HTTP (Request) - Variant 2	High		2021/10/18	DDI RULE 4257	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4257
DDI RULE 2889	ANTSWORD - HTTP (Request)	High		2021/10/18	DDI RULE 2889	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2889
DDI RULE 40	Unregistered service	Low		2021/10/18	DDI RULE 40	/vinfo/ph/threat-encyclopedia/network/ddi-rule-40
DDI RULE 4633	CVE-2021-41773 - APACHE TRAVERSAL RCE EXPLOIT - HTTP(REQUEST)	High		2021/10/13	DDI RULE 4633	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4633
DDI RULE 4632	ZLOADER - DNS(RESPONSE)	High		2021/10/12	DDI RULE 4632	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4632
DDI RULE 4631	DULLDOWN - HTTP(REQUEST)	High		2021/10/11	DDI RULE 4631	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4631
DDI RULE 1063	APT - DARKCOMET - TCP	High		2021/10/07	DDI RULE 1063	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1063
DDI RULE 4604	PETITPOTAM EFS NTLM RELAY ATTACK - SMB2(RESPONSE)	High		2021/10/06	DDI RULE 4604	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4604
DDI RULE 4485	CVE-2020-14882 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request)	High		2021/10/04	DDI RULE 4485	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4485
DDI RULE 4630	CVE-2021-22005 VCENTER DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2021/09/29	DDI RULE 4630	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4630
DDI RULE 4629	TRANSFER BASE64ENCODE PE FILE - HTTP(RESPONSE)	High		2021/09/27	DDI RULE 4629	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4629
DDI RULE 4528	Possible Wget Commandline Injection	Medium		2021/09/21	DDI RULE 4528	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4528
DDI RULE 4627	BLACKMATTER - HTTP(REQUEST)	High		2021/09/20	DDI RULE 4627	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4627
DDI RULE 4628	POWEMUDDY - HTTP(REQUEST)	High		2021/09/16	DDI RULE 4628	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4628
DDI RULE 4625	Possible HTTP SMUGGLING - HTTP(REQUEST)	High		2021/09/16	DDI RULE 4625	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4625
DDI RULE 4626	DONOFF - DNS(RESPONSE)	High		2021/09/14	DDI RULE 4626	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4626
DDI RULE 4152	COBALTSTRIKE - HTTP (Response)	High		2021/09/14	DDI RULE 4152	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4152
DDI RULE 4624	CVE-2021-31207 - EXCHANGE EXPLOIT - HTTP(RESPONSE)	High		2021/09/08	DDI RULE 4624	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4624
DDI RULE 4623	CVE-2021-26084 - CONFLUENCE OGNL RCE EXPLOIT - HTTP(REQUEST)	High		2021/09/07	DDI RULE 4623	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4623
DDI RULE 4621	CVE-2021-37161 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request)	Medium		2021/09/06	DDI RULE 4621	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4621
DDI RULE 4622	CVE-2021-37164 - PTS SWISSLOG BUFFER OVERFLOW EXPLOIT - UDP (Request)	Medium		2021/09/06	DDI RULE 4622	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4622
DDI RULE 1200	Possible SYN Flood Detected	Low		2021/09/06	DDI RULE 1200	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1200
DDI RULE 2184	Possible Successful Logon Connection - RDP (Request)	Low		2021/09/06	DDI RULE 2184	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2184
DDI RULE 4558	REDLINE - HTTP (REQUEST)	High		2021/09/02	DDI RULE 4558	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4558
DDI RULE 4620	CVE-2021-22123 - FORTINET RCE - HTTP(EXPLOIT)	High		2021/08/31	DDI RULE 4620	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4620
DDI RULE 4342	CVE-2020-7247 - OPENSMTPD RCE EXPLOIT - SMTP (REQUEST)	High		2021/08/26	DDI RULE 4342	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4342
DDI RULE 4618	ICEID - HTTP(REQUEST)	High		2021/08/25	DDI RULE 4618	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4618
DDI RULE 4619	NEGASTEAL - FTP(REQUEST)	High		2021/08/23	DDI RULE 4619	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4619
DDI RULE 4617	SIP POSSIBLE BRUTEFORCE - UDP(RESPONSE)	Medium		2021/08/23	DDI RULE 4617	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4617
DDI RULE 4576	CVE-2021-31166 - HTTP Protocol RCE Exploit - HTTP (REQUEST)	High		2021/08/23	DDI RULE 4576	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4576
DDI RULE 4616	POSSIBLE ZEPPELIN - HTTP(REQUEST)	High		2021/08/19	DDI RULE 4616	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4616
DDI RULE 4615	ZEPPELIN - HTTP(REQUEST)	High		2021/08/18	DDI RULE 4615	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4615
DDI RULE 4612	MGCP POSSIBLE EXFIL - UDP(REQUEST)	Medium		2021/08/18	DDI RULE 4612	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4612
DDI RULE 4614	SNMP POSSIBLE BRUTEFORCE - UDP(REQUEST)	Low		2021/08/17	DDI RULE 4614	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4614
DDI RULE 4613	CVE-2021-31195 - EXCHANGE XSS - HTTP(EXPLOIT)	High		2021/08/16	DDI RULE 4613	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4613
DDI RULE 4593	CVE-2021-34473 - EXCHANGE SSRF EXPLOIT - HTTP(REQUEST)	High		2021/08/12	DDI RULE 4593	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4593
DDI RULE 4611	CVE-2021-26432 - NFS BUFFEROVERLOW EXPLOIT - UDP(REQUEST)	High		2021/08/11	DDI RULE 4611	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4611
DDI RULE 4589	Possible CVE-2021-34527 - Windows Print Spooler RCE - DCE (Request)	Low		2021/08/10	DDI RULE 4589	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4589
DDI RULE 4609	PAYLOADBIN - HTTP (REQUEST) - Variant 1	High		2021/08/05	DDI RULE 4609	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4609
DDI RULE 4602	NBT-NS Query Response	Medium		2021/08/05	DDI RULE 4602	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4602
DDI RULE 4605	PAYLOADBIN - HTTP(REQUEST)	High		2021/08/03	DDI RULE 4605	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4605
DDI RULE 4601	LLMNR Query Response	Medium		2021/07/29	DDI RULE 4601	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4601
DDI RULE 4603	ApexOne File Upload Exploit- HTTP(REQUEST)	High		2021/07/27	DDI RULE 4603	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4603
DDI RULE 4594	COBALTSTRIKE - HTTP(REQUEST) - Variant 3	High		2021/07/27	DDI RULE 4594	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4594
DDI RULE 4597	HACKADEMY - HTTP(RESPONSE)	High		2021/07/21	DDI RULE 4597	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4597
DDI RULE 4598	CVE-2021-3129 - LARAVEL RCE EXPLOIT - HTTP(REQUEST)	High		2021/07/21	DDI RULE 4598	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4598
DDI RULE 4599	KASEYA AUTHBYPASS EXPLOIT - HTTP(REQUEST)	High		2021/07/21	DDI RULE 4599	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4599
DDI RULE 4596	LOADSELL - HTTP(REQUEST)	High		2021/07/20	DDI RULE 4596	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4596
DDI RULE 4595	NJRAT - TCP (REQUEST) - Variant 2	High		2021/07/19	DDI RULE 4595	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4595
DDI RULE 4531	RPC SECRETSDUMP DCSYNC - DCE (REQUEST)	Medium		2021/07/19	DDI RULE 4531	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4531
DDI RULE 4581	STOP - HTTP (REQUEST)	High		2021/07/15	DDI RULE 4581	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4581
DDI RULE 4592	REDLINE - HTTP(RESPONSE)	High		2021/07/14	DDI RULE 4592	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4592
DDI RULE 4591	REVIL - HTTP(REQUEST)	High		2021/07/12	DDI RULE 4591	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4591
DDI RULE 4588	Possible CVE-2021-34527 - Windows Print Spooler RCE - SMB (Request)	Low		2021/07/12	DDI RULE 4588	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4588
DDI RULE 1109	TDSS - HTTP (Request)	High		2021/07/01	DDI RULE 1109	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1109
DDI RULE 4483	Remote Access Tool - VNC (Request)	High		2021/06/23	DDI RULE 4483	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4483
DDI RULE 4587	REVENGERAT - TCP(REQUEST)	High		2021/06/21	DDI RULE 4587	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4587
DDI RULE 2007	URSNIF - HTTP (Request) - Variant 3	High		2021/06/17	DDI RULE 2007	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2007
DDI RULE 4586	Remote Tools Certificate - SSL	Medium		2021/06/15	DDI RULE 4586	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4586
DDI RULE 4583	CVE-2021-21985 - VMWARE VSAN PLUGIN RCE EXPLOIT - HTTP (REQUEST)	High		2021/06/07	DDI RULE 4583	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4583
DDI RULE 4584	Malicious Certificate SHA1 Hash - SSL	High		2021/06/03	DDI RULE 4584	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4584
DDI RULE 4585	CVE-2017-12617 - APACHE TOMCAT PUT METHOD RCE - HTTP (REQUEST)	Medium		2021/06/03	DDI RULE 4585	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4585
DDI RULE 4582	LEMON DUCK - HTTP (REQUEST)	High		2021/06/03	DDI RULE 4582	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4582
DDI RULE 4571	Possible Suspicious Named Pipe - SMB2 (REQUEST)	Medium		2021/05/28	DDI RULE 4571	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4571
DDI RULE 4580	PROMETEI - HTTP (REQUEST)	High		2021/05/27	DDI RULE 4580	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4580
DDI RULE 4579	DENES - DNS (RESPONSE)	High		2021/05/26	DDI RULE 4579	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4579
DDI RULE 4572	GLUPTEBA - HTTP (REQUEST)	High		2021/05/25	DDI RULE 4572	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4572
DDI RULE 4577	MAGNIBER EK for Internet Explorer - HTTP (RESPONSE)	High		2021/05/24	DDI RULE 4577	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4577
DDI RULE 4578	CVE-2021-28482 - MS EXCHANGE DESERIALIZATION RCE EXPLOIT - HTTP (REQUEST)	Medium		2021/05/20	DDI RULE 4578	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4578
DDI RULE 4575	DENES - HTTP (REQUEST)	High		2021/05/20	DDI RULE 4575	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4575
DDI RULE 1541	EMOTET - HTTP (Request)	High		2021/05/18	DDI RULE 1541	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1541
DDI RULE 1618	CVE-2014-6271 - Shellshock HTTP Request	High		2021/05/12	DDI RULE 1618	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1618
DDI RULE 1642	CVE-2014-6278 - SHELLSHOCK HTTP Exploit	High		2021/05/12	DDI RULE 1642	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1642
DDI RULE 2348	CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)	High		2021/05/12	DDI RULE 2348	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2348
DDI RULE 4573	CVE-2021-31181 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST)	High		2021/05/12	DDI RULE 4573	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4573
DDI RULE 4569	CVE-2021-27065 - MS EXCHANGE FILE WRITE RCE EXPLOIT - HTTP (REQUEST)	Medium		2021/05/11	DDI RULE 4569	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4569
DDI RULE 4570	COBALTSTRIKE - DNS (Response) - Variant 2	High		2021/05/11	DDI RULE 4570	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4570
DDI RULE 2034	RANSOM CRYPTESLA - HTTP (Request) - Variant 5	High		2021/05/11	DDI RULE 2034	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2034
DDI RULE 2117	DEMOCRY - Ransomware - HTTP (Request)	High		2021/05/11	DDI RULE 2117	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2117
DDI RULE 4567	BOXTER - HTTP (RESPONSE)	High		2021/05/06	DDI RULE 4567	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4567
DDI RULE 4568	BOXTER - HTTP (REQUEST)	High		2021/05/06	DDI RULE 4568	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4568
DDI RULE 4565	CVE-2021-24085 - EXCHANGE CSRF EXPLOIT - HTTP (REQUEST)	High		2021/05/06	DDI RULE 4565	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4565
DDI RULE 2786	ThinkPHP 5x Remote Code Execution - HTTP (Request)	High		2021/05/04	DDI RULE 2786	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2786
DDI RULE 4566	CVE-2020-17047 - Network File System RPC DOS EXPLOIT - TCP (REQUEST)	High		2021/05/03	DDI RULE 4566	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4566
DDI RULE 4564	CVE-2020-8243 - PULSE RCE EXPLOIT - HTTP (REQUEST)	High		2021/04/29	DDI RULE 4564	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4564
DDI RULE 4560	CVE-2021-20023 - SONICWALL DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2021/04/28	DDI RULE 4560	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4560
DDI RULE 4562	CVE-2019-9670 - ZIMBRA SUITE XXE EXPLOIT - HTTP (REQUEST)	High		2021/04/28	DDI RULE 4562	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4562
DDI RULE 4563	CVE-2020-8260 - PULSE RCE EXPLOIT - HTTP (REQUEST)	High		2021/04/26	DDI RULE 4563	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4563
DDI RULE 4561	CVE-2020-4006 - VMWARE CONFIGURATOR COMMAND INJECTION - HTTP (REQUEST)	High		2021/04/26	DDI RULE 4561	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4561
DDI RULE 4559	CVE-2019-11510 - PULSE INFORMATION DISCLOSURE - HTTP (REQUEST)	High		2021/04/26	DDI RULE 4559	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4559
DDI RULE 4551	CVE-2021-21975 - VREALIZE API SSRF EXPLOIT - HTTP (REQUEST)	Low		2021/04/21	DDI RULE 4551	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4551
DDI RULE 4557	PANDASTEALER - HTTP (REQUEST)	High		2021/04/21	DDI RULE 4557	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4557
DDI RULE 4550	POSSIBLE PASSWORD SPRAY - LDAP (RESPONSE)	Medium		2021/04/19	DDI RULE 4550	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4550
DDI RULE 4555	CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST)	High		2021/04/19	DDI RULE 4555	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4555
DDI RULE 4556	Possible CVE-2018-13374 - FORTIOS INFORMATION DISCLOSURE - HTTP (REQUEST)	Low		2021/04/19	DDI RULE 4556	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4556
DDI RULE 4553	CVE-2018-13379 - FORTIOS DIRECTORY TRAVERSAL - HTTP (REQUEST)	High		2021/04/15	DDI RULE 4553	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4553
DDI RULE 4554	RCLONE - HTTP (REQUEST)	High		2021/04/15	DDI RULE 4554	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4554
DDI RULE 1561	APT - PLUGX Malformed request - DNS	High		2021/04/15	DDI RULE 1561	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1561
DDI RULE 4552	CVE-2021-21983 - VREALIZE API FILE RCE EXPLOIT - HTTP (REQUEST)	High		2021/04/13	DDI RULE 4552	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4552
DDI RULE 4548	GET2 LOADER - HTTP (Request)	High		2021/04/07	DDI RULE 4548	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4548
DDI RULE 4549	CHOPPER - HTTP (Response)	Medium		2021/04/07	DDI RULE 4549	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4549
DDI RULE 4532	CVE-2021-26855 - Exchange Server Side Request Forgery Exploit - HTTP (REQUEST) - Variant 2	High		2021/04/06	DDI RULE 4532	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4532
DDI RULE 4547	SDBOT - TCP (REQUEST)	High		2021/04/05	DDI RULE 4547	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4547
DDI RULE 4543	CVE-2021-25274 - Solarwinds Orion Remote Code Execution Exploit - TCP (REQUEST)	High		2021/03/25	DDI RULE 4543	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4543
DDI RULE 4544	CVE-2021-27561 - YEALINK RCE EXPLOIT - HTTP (REQUEST)	High		2021/03/25	DDI RULE 4544	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4544
DDI RULE 4545	CVE-2021-22502 - MICROFOCUS RCE EXPLOIT - HTTP (REQUEST)	High		2021/03/25	DDI RULE 4545	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4545
DDI RULE 4546	QUASAR - TCP (RESPONSE)	High		2021/03/25	DDI RULE 4546	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4546
DDI RULE 4539	CVE-2020-17530 - APACHE STRUTS OGNL RCE EXPLOIT - HTTP (REQUEST)	High		2021/03/24	DDI RULE 4539	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4539
DDI RULE 4540	CVE-2021-22991 - F5 BIG-IP TSM BUFFER OVERFLOW EXPLOIT - HTTP(REQUEST)	High		2021/03/24	DDI RULE 4540	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4540
DDI RULE 4541	CVE-2021-22992 - F5 BIG-IP ASM BUFFER OVERFLOW EXPLOIT - HTTP(RESPONSE)	High		2021/03/24	DDI RULE 4541	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4541
DDI RULE 4542	CVE-2021-22986 - F5 BIG-IP iCONTROL RCE EXPLOIT - HTTP(REQUEST)	High		2021/03/24	DDI RULE 4542	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4542
DDI RULE 4456	File Upload through SMB or SMB2	Low		2021/03/24	DDI RULE 4456	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4456
DDI RULE 4457	File Download through SMB or SMB2	Low		2021/03/24	DDI RULE 4457	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4457
DDI RULE 4538	CVE-2020-17518 - APACHE FLINK DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2021/03/23	DDI RULE 4538	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4538
DDI RULE 4516	MESTRE - IRC (REQUEST)	High		2021/03/23	DDI RULE 4516	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4516
DDI RULE 2598	PsExec PETYA - Ransomware - SMB2	High		2021/03/23	DDI RULE 2598	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2598
DDI RULE 2021	NUCLEAR - Exploit kit - HTTP (Request) - Variant 3	Medium		2021/03/22	DDI RULE 2021	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2021
DDI RULE 4504	LOKIBOT - HTTP (REQUEST)	High		2021/03/18	DDI RULE 4504	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4504
DDI RULE 4536	APT - MANGZAMEL - TCP (Request)	High		2021/03/17	DDI RULE 4536	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4536
DDI RULE 4239	CVE-2019-16759 - VBulletin Remote Command Execution - HTTP (Request)	High		2021/03/17	DDI RULE 4239	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4239
DDI RULE 4537	CVE-2020-5847 - UNRAID RCE EXPLOIT - HTTP (REQUEST)	High		2021/03/16	DDI RULE 4537	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4537
DDI RULE 4530	DCERPC WMIEXECPY - (REQUEST)	High		2021/03/16	DDI RULE 4530	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4530
DDI RULE 4529	APT - REMOTE EXECUTION ZABBIX - TCP (REQUEST)	High		2021/03/16	DDI RULE 4529	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4529
DDI RULE 4525	CVE-2021-21972 - VSPHERE RCE EXPLOIT - HTTP (REQUEST)	High		2021/03/16	DDI RULE 4525	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4525
DDI RULE 4533	CVE-2021-26877 - RCE EXPLOIT - DNS (REQUEST)	High		2021/03/15	DDI RULE 4533	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4533
DDI RULE 4534	CVE-2021-26897 - OVER TCP RCE EXPLOIT - DNS (REQUEST)	High		2021/03/15	DDI RULE 4534	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4534
DDI RULE 4535	CVE-2021-27076 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST)	High		2021/03/15	DDI RULE 4535	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4535
DDI RULE 2057	CRYDAP - Ransomware - HTTP (Request)	High		2021/03/11	DDI RULE 2057	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2057
DDI RULE 2452	Wget Commandline Injection	Medium		2021/03/10	DDI RULE 2452	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2452
DDI RULE 4526	DEWMODE - HTTP (REQUEST)	High		2021/03/10	DDI RULE 4526	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4526
DDI RULE 4527	CVE-2021-26855 - Exchange Server Side Request Forgery Exploit SB - HTTP (REQUEST)	High		2021/03/09	DDI RULE 4527	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4527
DDI RULE 4523	Fobushell - HTTP (Request)	High		2021/03/03	DDI RULE 4523	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4523
DDI RULE 4524	Possible Renamed PSEXEC Service - SMB2 (Request)	Medium		2021/03/03	DDI RULE 4524	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4524
DDI RULE 4522	CVE-2021-24072 - SHAREPOINT RCE EXPLOIT - HTTP (REQUEST)	High		2021/02/15	DDI RULE 4522	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4522
DDI RULE 4520	CVE-2021-24078 - Remote Comand Execution Exploit - DNS (RESPONSE)	High		2021/02/11	DDI RULE 4520	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4520
DDI RULE 4521	CVE-2021-1707 - Sharepoint Remote Code Execution Exploit - HTTP (REQUEST)	High		2021/02/11	DDI RULE 4521	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4521
DDI RULE 2472	CARBANAK - DNS (Response)	High		2021/02/11	DDI RULE 2472	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2472
DDI RULE 1542	Possible CONFICKER DNS Response	High		2021/02/11	DDI RULE 1542	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1542
DDI RULE 1543	Possible CRILOCK DNS Response	High		2021/02/11	DDI RULE 1543	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1543
DDI RULE 1544	Possible CAPHAW DNS Response	High		2021/02/11	DDI RULE 1544	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1544
DDI RULE 4518	Possible NAT Slipstreaming - TCP (Request)	Medium		2021/02/10	DDI RULE 4518	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4518
DDI RULE 4519	COBALTSTRIKE - HTTPS (REQUEST)	High		2021/02/09	DDI RULE 4519	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4519
DDI RULE 2544	JAWS Remote Code Execution Exploit - HTTP (Request)	High		2021/02/09	DDI RULE 2544	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2544
DDI RULE 4517	TORRENTLOCKER - HTTPS (REQUEST)	High		2021/02/02	DDI RULE 4517	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4517
DDI RULE 4512	TRICKBOT - HTTPS (REQUEST)	High		2021/02/02	DDI RULE 4512	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4512
DDI RULE 4513	EMPIRE - HTTPS (REQUEST)	High		2021/02/01	DDI RULE 4513	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4513
DDI RULE 4514	METASPLOIT - HTTPS (REQUEST) - Malicious SSL Connection	High		2021/02/01	DDI RULE 4514	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4514
DDI RULE 4515	QAKBOT - HTTP (RESPONSE)	High		2021/02/01	DDI RULE 4515	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4515
DDI RULE 4506	CVE-2021-2109 - Oracle WebLogic Remote Code Execution Exploit - HTTP (Request)	High		2021/01/28	DDI RULE 4506	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4506
DDI RULE 4507	GOOTKIT - HTTPS (REQUEST)	High		2021/01/28	DDI RULE 4507	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4507
DDI RULE 4508	GOZI - HTTPS (REQUEST)	High		2021/01/28	DDI RULE 4508	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4508
DDI RULE 4509	CVE-2019-11229 - Gitea Remote Code Execution Exploit - HTTP (Request)	High		2021/01/28	DDI RULE 4509	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4509
DDI RULE 4510	RANSOM TROLDESH - HTTPS (REQUEST)	High		2021/01/28	DDI RULE 4510	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4510
DDI RULE 4511	QUAKBOT - HTTPS (REQUEST)	High		2021/01/28	DDI RULE 4511	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4511
DDI RULE 4502	DRIDEX - HTTPS (REQUEST)	High		2021/01/27	DDI RULE 4502	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4502
DDI RULE 4505	RANSOM CRYPTOLOCK - HTTPS (REQUEST)	High		2021/01/27	DDI RULE 4505	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4505
DDI RULE 4503	SILENTNIGHT- ZLOADER - HTTP(RESPONSE)	Medium		2021/01/26	DDI RULE 4503	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4503
DDI RULE 4498	Sanfor EDR Remote Code Execution Exploit - HTTP (Request)	High		2021/01/25	DDI RULE 4498	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4498
DDI RULE 4467	APT - WATERTIGER - HTTP (Response)	High		2021/01/25	DDI RULE 4467	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4467
DDI RULE 4501	Too many FTP Error Code 421 - FTP (Response)	Medium		2021/01/20	DDI RULE 4501	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4501
DDI RULE 4490	XML External Entity File Disclosure - HTTP (Request)	Medium		2021/01/13	DDI RULE 4490	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4490
DDI RULE 1816	GATAK - HTTP (Request) - Variant 2	High		2021/01/11	DDI RULE 1816	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1816
DDI RULE 4499	Top-App LB SQL Injection Exploit - HTTP (Request)	High		2020/12/29	DDI RULE 4499	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4499
DDI RULE 4497	SQL Injection Exploit - HTTP (Request) - Variant 2	Medium		2020/12/28	DDI RULE 4497	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4497
DDI RULE 4500	GRP-u8 SQL Injection - HTTP (Request)	High		2020/12/28	DDI RULE 4500	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4500
DDI RULE 4494	CVE-2020-17051 - NFS Exploit - UDP (REQUEST)	Medium		2020/12/23	DDI RULE 4494	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4494
DDI RULE 4495	Potential Social Security Info on TXT/CSV attachment - HTTP (Request)	Medium		2020/12/23	DDI RULE 4495	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4495
DDI RULE 4496	Potential Credit Card Info on TXT/CSV attachment - HTTP (Request)	Medium		2020/12/23	DDI RULE 4496	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4496
DDI RULE 4453	CVE-2020-1472 - Zerologon Privilege Escalation - DCERPC (Request)	High		2020/12/23	DDI RULE 4453	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4453
DDI RULE 4493	CVE-2020-17121 - SHAREPOINT RCE EXPLOIT - HTTP (Request)	Medium		2020/12/21	DDI RULE 4493	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4493
DDI RULE 4492	SUPERNOVA WEBSHELL - HTTP (RESPONSE)	High		2020/12/17	DDI RULE 4492	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4492
DDI RULE 4491	SUNBURST - DNS (RESPONSE)	High		2020/12/15	DDI RULE 4491	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4491
DDI RULE 4486	CVE-2020-11974 - Apache DolphinScheduler Remote Code Execution Exploit - HTTP (Request)	High		2020/12/15	DDI RULE 4486	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4486
DDI RULE 4487	CVE-2020-5791 - Nagios XI Command Injection - HTTP (Request)	High		2020/12/15	DDI RULE 4487	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4487
DDI RULE 4488	CVE-2020-5398 - Spring Framework Reflected File Download Exploit - HTTP (Request)	High		2020/12/15	DDI RULE 4488	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4488
DDI RULE 4489	CVE-2019-8394 - ZOHO FILEUPLOAD EXPLOIT - HTTP (REQUEST)	Medium		2020/12/14	DDI RULE 4489	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4489
DDI RULE 4482	Browser Exploitation Framework Tool - HTTP (Request)	Medium		2020/12/14	DDI RULE 4482	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4482
DDI RULE 4484	GOLDENSPY - HTTP (REQUEST)	High		2020/12/14	DDI RULE 4484	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4484
DDI RULE 4447	Potential Credit Card Info on ICMP Echo - ICMP (Request)	Medium		2020/12/14	DDI RULE 4447	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4447
DDI RULE 1471	JACKPOS - HTTP (Request)	High		2020/12/14	DDI RULE 1471	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1471
DDI RULE 4481	SQL Injection Exploit - HTTP (Request)	Medium		2020/12/03	DDI RULE 4481	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4481
DDI RULE 2492	KARAGANY - HTTP (Request)	High		2020/12/02	DDI RULE 2492	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2492
DDI RULE 4478	CVE-2020-2551 - Oracle Weblogic Remote Code Execution Exploit - TCP (Request)	High		2020/11/26	DDI RULE 4478	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4478
DDI RULE 4479	NTLM v1 Authentication - SMB (Request)	Medium		2020/11/24	DDI RULE 4479	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4479
DDI RULE 4480	XXL-JOB Remote Code Execution Exploit - HTTP (REQUEST)	High		2020/11/24	DDI RULE 4480	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4480
DDI RULE 4462	Metasploit (Payload) - RC4 Encrypted Reverse TCP - TCP (Request)	Medium		2020/11/19	DDI RULE 4462	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4462
DDI RULE 1706	LDAP SASL Connection Detected	High		2020/11/19	DDI RULE 1706	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1706
DDI RULE 4477	Remote System Discovery - LDAP (REQUEST) - Variant 2	High		2020/11/11	DDI RULE 4477	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4477
DDI RULE 2713	AVTECH Command Injection - Multiple Exploits - HTTP (Request)	High		2020/11/10	DDI RULE 2713	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2713
DDI RULE 4476	WOL- Wake on lan - UDP (REQUEST)	High		2020/11/06	DDI RULE 4476	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4476
DDI RULE 2018	DUNIHI HTTP Response	High		2020/11/05	DDI RULE 2018	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2018
DDI RULE 4474	File renamed - RYUK - Ransomware - SMB (Request)	High		2020/11/03	DDI RULE 4474	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4474
DDI RULE 4475	File renamed - RYUK - Ransomware - SMB2 (Request)	High		2020/11/03	DDI RULE 4475	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4475
DDI RULE 4473	MSXSL Code Execution - HTTP (Response)	Medium		2020/11/02	DDI RULE 4473	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4473
DDI RULE 4471	CVE-2016-4977 - Spring Security OAuth Remote Code Execution Exploit - HTTP (Request)	Medium		2020/10/29	DDI RULE 4471	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4471
DDI RULE 4472	POSSIBLE NGROK - HTTPS (REQUEST)	Medium		2020/10/27	DDI RULE 4472	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4472
DDI RULE 4470	CVE-2020-16952 - Microsoft SharePoint Remote Code Execution - HTTP (Request)	High		2020/10/26	DDI RULE 4470	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4470
DDI RULE 1068	APT - GHOSTRAT - TCP	High		2020/10/26	DDI RULE 1068	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1068
DDI RULE 2333	CVE-2017-0016 - Tree Connect Denial of Service Exploit - SMB2 (Response)	High		2020/10/19	DDI RULE 2333	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2333
DDI RULE 2247	DEMO RULE - SMB (Request)	High		2020/10/19	DDI RULE 2247	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2247
DDI RULE 4469	APT - COBALTSRIKE - HTTP (RESPONSE)	High		2020/10/19	DDI RULE 4469	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4469
DDI RULE 4222	PST File Upload	Low		2020/10/19	DDI RULE 4222	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4222
DDI RULE 4468	CVE-2020-16898 - EXPLOIT - ICMPv6 (REQUEST)	High		2020/10/15	DDI RULE 4468	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4468
DDI RULE 4466	PsExec Clones - SMB2 (Request)	High		2020/10/14	DDI RULE 4466	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4466
DDI RULE 4465	Remote System Discovery - LSARPC (REQUEST)	Medium		2020/10/08	DDI RULE 4465	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4465
DDI RULE 4463	QAKBOT - Malicious Certificate - SSL - Variant 3	High		2020/10/08	DDI RULE 4463	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4463
DDI RULE 4455	CVE-2020-1472 - Zerologon Privilege Escalation - SMB2 (Request)	Medium		2020/10/08	DDI RULE 4455	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4455
DDI RULE 4459	CVE-2020-1472 - Zerologon Privilege Escalation - SMB (Request)	High		2020/10/08	DDI RULE 4459	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4459
DDI RULE 4300	WMI Command Execution - DCERPC (Request)	Low		2020/10/08	DDI RULE 4300	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4300
DDI RULE 1022	WMI Remote Registry - DCERPC (Request)	Low		2020/10/08	DDI RULE 1022	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1022
DDI RULE 4464	Remote System Discovery - LDAP (REQUEST)	Medium		2020/10/07	DDI RULE 4464	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4464
DDI RULE 2849	CVE-2019-9194-HTTP RCE - ELFINDER (Request)	High		2020/10/07	DDI RULE 2849	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2849
DDI RULE 4460	CVE-2017-17485 - Jackson Databind Remote Code Execution Exploit - HTTP (Request)	High		2020/10/05	DDI RULE 4460	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4460
DDI RULE 4461	CVE-2017-7504 - JBossMQ JMS Invocation Layer Exploit - HTTP (Request)	High		2020/10/05	DDI RULE 4461	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4461
DDI RULE 2212	Possible Brute force - RDP	Low		2020/10/05	DDI RULE 2212	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2212
DDI RULE 2388	Unsuccessful logon - RDP	Low		2020/10/05	DDI RULE 2388	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2388
DDI RULE 4142	SSL Connection	Low		2020/09/29	DDI RULE 4142	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4142
DDI RULE 4143	Malicious SSL Client Connection	High		2020/09/29	DDI RULE 4143	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4143
DDI RULE 4144	Malicious SSL Server Connection	High		2020/09/29	DDI RULE 4144	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4144
DDI RULE 4145	Malicious SSL Connection	High		2020/09/29	DDI RULE 4145	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4145
DDI RULE 4146	Suspicious SSL Connection	Medium		2020/09/29	DDI RULE 4146	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4146
DDI RULE 4147	Suspicious SSL Client Connection	Low		2020/09/29	DDI RULE 4147	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4147
DDI RULE 4148	Suspicious SSL Server Connection	Low		2020/09/29	DDI RULE 4148	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4148
DDI RULE 2210	Metasploit (Payload) - Reverse TCP Patchup Meterpreter	High		2020/09/28	DDI RULE 2210	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2210
DDI RULE 2751	Remote Command Shell - TCP	High		2020/09/24	DDI RULE 2751	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2751
DDI RULE 2752	Remote PowerShell - TCP	High		2020/09/24	DDI RULE 2752	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2752
DDI RULE 2664	CreateService - SMB (Request)	High		2020/09/21	DDI RULE 2664	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 4443	Logon successful - SSH	High		2020/09/21	DDI RULE 4443	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4443
DDI RULE 4444	Unsuccessful logon - SSH	High		2020/09/21	DDI RULE 4444	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4444
DDI RULE 4445	Possible Brute force - SSH	High		2020/09/21	DDI RULE 4445	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4445
DDI RULE 4450	SERVER PROTECT RCE EXPLOIT - HTTP (REQUEST)	High		2020/09/17	DDI RULE 4450	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4450
DDI RULE 4451	APT - MUDDYWATER - HTTP (Request)	High		2020/09/17	DDI RULE 4451	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4451
DDI RULE 4452	CVE-2020-0911 - EXPLOIT - ICMPv6 (REQUEST)	High		2020/09/16	DDI RULE 4452	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4452
DDI RULE 4429	Remote Service execution through SMB2 SVCCTL detected - Variant 2	High		2020/09/15	DDI RULE 4429	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4429
DDI RULE 4449	Remote Service execution through SMB2 SVCCTL detected - Variant 3	High		2020/09/14	DDI RULE 4449	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4449
DDI RULE 4448	WORDPRESS PLUGIN FILEMANAGER EXPLOIT - HTTP (REQUEST)	High		2020/09/08	DDI RULE 4448	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4448
DDI RULE 4442	APT - DROVORUB - WEBSOCKET (RESPONSE)	High		2020/09/07	DDI RULE 4442	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4442
DDI RULE 4446	Apache Struts Potential Remote Code Execution Exploit - HTTP (Request)	Medium		2020/09/01	DDI RULE 4446	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4446
DDI RULE 4436	SQL Injection Remote Code Execution Sensor - HTTP (Request)	Low		2020/08/24	DDI RULE 4436	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4436
DDI RULE 4437	CVE-2014-9295 - Buffer Overflow - NTP (Request)	High		2020/08/24	DDI RULE 4437	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4437
DDI RULE 4438	CVE-2015-7855 - Denial of Service via decodenetnum - NTP (Request)	High		2020/08/24	DDI RULE 4438	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4438
DDI RULE 4439	CVE-2016-7434 - Denial of Service via mrulist - NTP (Request)	High		2020/08/24	DDI RULE 4439	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4439
DDI RULE 4440	CVE-2016-9312 - Possible Denial of Service via large packets - NTP (Request)	Low		2020/08/24	DDI RULE 4440	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4440
DDI RULE 4441	QAKBOT - Malicious Certificate - SSL - Variant 2	High		2020/08/20	DDI RULE 4441	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4441
DDI RULE 4434	CVE-2020-9484 - Apache Tomcat Deserialization Remote Code Execution - HTTP (Request)	High		2020/08/10	DDI RULE 4434	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4434
DDI RULE 1600	Report Server ID MODBUS Request	High		2020/08/06	DDI RULE 1600	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1600
DDI RULE 1598	Non-Modbus Communication Request	High		2020/08/06	DDI RULE 1598	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1598
DDI RULE 1599	Illegal Packet Size - Possible DOS Attack MODBUS Request	High		2020/08/06	DDI RULE 1599	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1599
DDI RULE 1122	Office Document File Internal Transfer	Low		2020/08/05	DDI RULE 1122	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1122
DDI RULE 1123	Office Document File Upload	Low		2020/08/05	DDI RULE 1123	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1123
DDI RULE 1119	HTTP Request - Hostname is an IP address	Low		2020/08/05	DDI RULE 1119	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1119
DDI RULE 1126	Executable file via FTP - class 1	Low		2020/08/05	DDI RULE 1126	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1126
DDI RULE 2289	Unsuccessful logon - FTP	Low		2020/08/05	DDI RULE 2289	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2289
DDI RULE 2290	Possible Brute force - FTP	Low		2020/08/05	DDI RULE 2290	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2290
DDI RULE 4430	Unencrypted REMCOS - TCP (Request)	High		2020/07/30	DDI RULE 4430	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4430
DDI RULE 4432	NGIOWEB - HTTP (REQUEST)	High		2020/07/30	DDI RULE 4432	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4432
DDI RULE 4433	APT - SUNFOU - HTTP (REQUEST)	High		2020/07/30	DDI RULE 4433	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4433
DDI RULE 2793	APT - WINNTI - HTTP (Response)	High		2020/07/30	DDI RULE 2793	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2793
DDI RULE 2874	ZEROSHELL RCE EXPLOIT - HTTP (Request)	High		2020/07/30	DDI RULE 2874	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2874
DDI RULE 1764	Possible Superfish SSL certificate detected	Low		2020/07/29	DDI RULE 1764	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1764
DDI RULE 2890	INFOSTEAL - HTTP (Request) - Variant 5	High		2020/07/28	DDI RULE 2890	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2890
DDI RULE 1052	IP Malicious - Class 1	Low		2020/07/27	DDI RULE 1052	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1052
DDI RULE 4427	APT - WELLMAIL - Malicious Certificate - SSL (Response)	High		2020/07/23	DDI RULE 4427	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4427
DDI RULE 4428	APT - WELLMESS - Malicious Certificate - SSL (Response)	High		2020/07/23	DDI RULE 4428	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4428
DDI RULE 4425	CVE-2020-1350 - DNS OVER TCP EXPLOIT - DNS (Response)	High		2020/07/22	DDI RULE 4425	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4425
DDI RULE 4426	CVE-2020-1350 - DNS OVER TCP EXPLOIT - TCP (Request)	High		2020/07/22	DDI RULE 4426	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4426
DDI RULE 2000	Metasploit(Payload) - Reverse DLL Inject - TCP (Response)	High		2020/07/22	DDI RULE 2000	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2000
DDI RULE 2211	Unsuccessful logon using default Administrator account - RDP	Low		2020/07/20	DDI RULE 2211	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2211
DDI RULE 2213	Possible Brute force using privileged user - RDP	Low		2020/07/20	DDI RULE 2213	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2213
DDI RULE 2391	Busybox Checking - TELNET (Request)	High		2020/07/13	DDI RULE 2391	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2391
DDI RULE 4424	CVE-2020-5902 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2020/07/09	DDI RULE 4424	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4424
DDI RULE 4322	possible Directory Traversal Exploit Attempted - URI Path - HTTP (Request) - Variant 2	High		2020/07/09	DDI RULE 4322	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4322
DDI RULE 4321	POWERTRICK - HTTP (REQUEST)	High		2020/07/06	DDI RULE 4321	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4321
DDI RULE 4207	CVE-2019-11354 - DOTPROJECT SQL Injection - HTTP (Request)	High		2020/07/01	DDI RULE 4207	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4207
DDI RULE 2663	APT - EXFRAM - TCP (Request)	High		2020/06/23	DDI RULE 2663	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2663
DDI RULE 4309	APT - LODEINFO - HTTP (Request)	High		2020/06/23	DDI RULE 4309	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4309
DDI RULE 4311	APT - BOTLODR - HTTP (REQUEST)	High		2020/06/23	DDI RULE 4311	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4311
DDI RULE 4313	MALXMR - HTTP (REQUEST)	High		2020/06/23	DDI RULE 4313	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4313
DDI RULE 4305	APT - KSDOOR - HTTP (REQUEST)	High		2020/06/23	DDI RULE 4305	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4305
DDI RULE 4230	APT - DATPER - HTTP (Request)	High		2020/06/23	DDI RULE 4230	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4230
DDI RULE 2019	APT - DALGAN - HTTP (Request)	High		2020/06/23	DDI RULE 2019	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2019
DDI RULE 1774	APT - Possible EMDIVI - HTTP (Request) - Variant 5	Low		2020/06/23	DDI RULE 1774	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1774
DDI RULE 1046	APT - Connection attempt to an APT-related CNC server detected	High		2020/06/23	DDI RULE 1046	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1046
DDI RULE 1549	APT - WINNTI - HTTP (Request)	High		2020/06/23	DDI RULE 1549	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1549
DDI RULE 1704	APT - TALERET - HTTP (Request) - Variant 2	High		2020/06/23	DDI RULE 1704	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1704
DDI RULE 1139	DORKBOT IRC Request - Class 1	High		2020/06/22	DDI RULE 1139	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1139
DDI RULE 2481	DOWNLOADER - HTTP (Response)	High		2020/06/17	DDI RULE 2481	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2481
DDI RULE 2467	RETEFE - HTTP (Response)	High		2020/06/17	DDI RULE 2467	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2467
DDI RULE 2443	SPORA - Ransomware - HTTP (Response)	High		2020/06/17	DDI RULE 2443	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2443
DDI RULE 4303	Executable file download from root directory - HTTP (Response)	Low		2020/06/17	DDI RULE 4303	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4303
DDI RULE 4304	Executable file download - HTTP (Response)	Low		2020/06/17	DDI RULE 4304	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4304
DDI RULE 4323	CVE-2019-19781 - CITRIX ADC DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2020/06/17	DDI RULE 4323	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4323
DDI RULE 4355	CVE-2020-8794 - OPENSMTPD RCE EXPLOIT - SMTP (RESPONSE)	High		2020/06/17	DDI RULE 4355	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4355
DDI RULE 4423	ACIDBAT - TCP (Request)	Medium		2020/06/17	DDI RULE 4423	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4423
DDI RULE 4380	CVE-2020-5722 - GRANDSTREAM RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/17	DDI RULE 4380	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4380
DDI RULE 4398	CVE-2020-12109 - TPLINK RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/17	DDI RULE 4398	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4398
DDI RULE 2650	ANDROM - HTTP (Response)	Medium		2020/06/17	DDI RULE 2650	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2650
DDI RULE 2653	PHOTOMINER - HTTP (Response)	High		2020/06/17	DDI RULE 2653	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2653
DDI RULE 2715	MINER CONFIG - HTTP (Response)	High		2020/06/17	DDI RULE 2715	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2715
DDI RULE 2767	Window Shell Remote Code Execution - HTTP (Response)	High		2020/06/17	DDI RULE 2767	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2767
DDI RULE 2757	ELF File requested from root directory - HTTP (Response)	High		2020/06/17	DDI RULE 2757	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2757
DDI RULE 2731	KAIXIN - Exploit Kit - HTTP (Response) - Variant 5	High		2020/06/17	DDI RULE 2731	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2731
DDI RULE 2504	CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response)	High		2020/06/17	DDI RULE 2504	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2504
DDI RULE 2514	TERROR - Exploit Kit - HTTP (Response)	High		2020/06/17	DDI RULE 2514	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2514
DDI RULE 2542	MINER - HTTP (Response)	High		2020/06/17	DDI RULE 2542	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2542
DDI RULE 2591	KRBANKER - HTTP (Response)	High		2020/06/17	DDI RULE 2591	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2591
DDI RULE 2585	Ratankba Downloader - HTTP (Response)	High		2020/06/17	DDI RULE 2585	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2585
DDI RULE 2608	EMOTET - HTTP (Response) - Variant 2	High		2020/06/17	DDI RULE 2608	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2608
DDI RULE 2609	HANCITOR - HTTP (Request) - Variant 3	High		2020/06/17	DDI RULE 2609	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2609
DDI RULE 2616	Suspicious CWS Flash - HTTP (Response)	Medium		2020/06/17	DDI RULE 2616	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2616
DDI RULE 2617	GANDCRAB - Ransomware - HTTP (Response)	High		2020/06/17	DDI RULE 2617	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2617
DDI RULE 2620	Suspicious Executable File Download - HTTP (Response)	High		2020/06/17	DDI RULE 2620	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2620
DDI RULE 4181	TREVOR - HTTP (Response)	Medium		2020/06/17	DDI RULE 4181	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4181
DDI RULE 2825	CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request)	High		2020/06/17	DDI RULE 2825	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2825
DDI RULE 2939	CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request)	High		2020/06/16	DDI RULE 2939	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2939
DDI RULE 4111	CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 4111	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4111
DDI RULE 4113	CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 4113	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4113
DDI RULE 4114	CVE-2012-4869 PBX RCE Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 4114	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4114
DDI RULE 2588	CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 2588	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2588
DDI RULE 2517	CVE-2017-14493 - DNSMASQ Buffer Overflow Exploit - DHCP (Request)	High		2020/06/16	DDI RULE 2517	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2517
DDI RULE 2518	CVE-2017-14496 - DNSMASQ Integer Underflow Exploit - DNS (Request)	High		2020/06/16	DDI RULE 2518	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2518
DDI RULE 4391	COBEACON - DNS (Response)	High		2020/06/16	DDI RULE 4391	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4391
DDI RULE 4383	CVE-2020-7961 - LIFERAY PORTAL RCE EXPLOIT - HTTP (Request)	High		2020/06/16	DDI RULE 4383	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4383
DDI RULE 4401	CVE-2020-13118 - MIKROTIK SQL INJECT - HTTP (REQUEST)	High		2020/06/16	DDI RULE 4401	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4401
DDI RULE 4324	CVE-2019-20197 - NAGIOSXI Remote Code Execution Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 4324	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4324
DDI RULE 4325	CVE-2019-10758 - MONGODB RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/16	DDI RULE 4325	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4325
DDI RULE 4217	CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request)	High		2020/06/16	DDI RULE 4217	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4217
DDI RULE 4204	CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request)	High		2020/06/16	DDI RULE 4204	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4204
DDI RULE 4242	CVE-2018-18778 - ACME File Discovery Exploit - HTTP (RESPONSE)	Medium		2020/06/16	DDI RULE 4242	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4242
DDI RULE 4248	CVE-2019-2618 - WEBLOGIC FILE UPLOAD EXPLOIT - HTTP (REQUEST)	Medium		2020/06/16	DDI RULE 4248	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4248
DDI RULE 4267	CVE-2019-11043 - PHP RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/16	DDI RULE 4267	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4267
DDI RULE 4277	CVE-2019-5127 - YOUPHPTUBE COMMAND INJECTION - HTTP (REQUEST)	High		2020/06/16	DDI RULE 4277	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4277
DDI RULE 2253	CVE-2016-2776 DNS ISC BIND TSIG EXPLOIT - DNS (Request)	High		2020/06/16	DDI RULE 2253	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2253
DDI RULE 1531	Possible SSL CVE-2014-0224 CCS Injection - Class 1	Medium		2020/06/16	DDI RULE 1531	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1531
DDI RULE 1010	PE_XPAJ TCP Connection - Class 1	High		2020/06/15	DDI RULE 1010	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1010
DDI RULE 2448	REGEORG - HTTP (Response)	High		2020/06/15	DDI RULE 2448	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2448
DDI RULE 2377	CVE-2017-9073 - Remote Code Execution - RDP	High		2020/06/15	DDI RULE 2377	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2377
DDI RULE 4278	CVE-2019-5121 - YOUPHPTUBE SQL INJECTION - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4278	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4278
DDI RULE 4273	CVE-2019-16278 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4273	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4273
DDI RULE 4274	CVE-2007-5693 - Sitebar Remote Code Execution EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4274	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4274
DDI RULE 4251	CVE-2019-16920 - DLINK RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4251	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4251
DDI RULE 4218	CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request)	High		2020/06/15	DDI RULE 4218	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4218
DDI RULE 4339	CVE-2018-7777 - SCHNEIDER RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4339	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4339
DDI RULE 4333	CVE-2019-18396 - TECHNICOLOR RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4333	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4333
DDI RULE 4400	CVE-2019-7193 - QNAP RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4400	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4400
DDI RULE 4421	CVE-2020-1301 - RCE DDOS EXPLOIT - SMB (Request)	Medium		2020/06/15	DDI RULE 4421	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4421
DDI RULE 4422	Possible CVE-2020-1206 - BLEED EXPLOIT - (Request)	Medium		2020/06/15	DDI RULE 4422	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4422
DDI RULE 4379	CVE-2019-20499 - DLINK DWL RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4379	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4379
DDI RULE 4372	CVE-2020-8949 - GOCLOUD RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4372	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4372
DDI RULE 4373	CVE-2020-9026 - ELTEX RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/15	DDI RULE 4373	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4373
DDI RULE 2589	LOKI - HTTP (Response)	High		2020/06/15	DDI RULE 2589	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2589
DDI RULE 2723	MAGNITUDE - Exploit Kit - HTTP (Response)	High		2020/06/15	DDI RULE 2723	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2723
DDI RULE 2750	CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)	High		2020/06/15	DDI RULE 2750	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2750
DDI RULE 2701	Possible EMOTET - HTTP (Response) - Variant 3	High		2020/06/15	DDI RULE 2701	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2701
DDI RULE 4112	CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request)	High		2020/06/15	DDI RULE 4112	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4112
DDI RULE 4188	CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request)	High		2020/06/15	DDI RULE 4188	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4188
DDI RULE 4259	MDMP File Upload	Low		2020/06/12	DDI RULE 4259	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4259
DDI RULE 4260	Log Files Upload	Low		2020/06/12	DDI RULE 4260	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4260
DDI RULE 4403	SSH on Non-Standard Port - Request	Medium		2020/06/11	DDI RULE 4403	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4403
DDI RULE 4419	Zyxel - Remote Code Execution - HTTP (Request) - Variant 2	High		2020/06/08	DDI RULE 4419	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4419
DDI RULE 4420	SHELLRESET - DATA EXFILTRATION - HTTP (Request)	High		2020/06/08	DDI RULE 4420	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4420
DDI RULE 4415	JSPSPY Webshell - HTTP (Request) - Variant 2	High		2020/06/08	DDI RULE 4415	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4415
DDI RULE 2639	CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)	High		2020/06/08	DDI RULE 2639	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2639
DDI RULE 4418	Possible CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) - Variant 2	Medium		2020/06/05	DDI RULE 4418	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4418
DDI RULE 4416	CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST)	High		2020/06/04	DDI RULE 4416	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4416
DDI RULE 4417	CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) - Variant 2	High		2020/06/04	DDI RULE 4417	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4417
DDI RULE 4414	ThinkPHP 5x Remote Code Execution - HTTP (Request) - Variant 2	High		2020/06/03	DDI RULE 4414	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4414
DDI RULE 4402	CVE-2020-11652 - Saltstack Directory Traversal - TCP (Request)	High		2020/06/03	DDI RULE 4402	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4402
DDI RULE 4399	CVE-2020-11651 - Saltstack Remote Code Execution Exploit - TCP (Request)	High		2020/06/03	DDI RULE 4399	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4399
DDI RULE 2500	Executable Image Download - HTTP (Response)	Medium		2020/06/03	DDI RULE 2500	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2500
DDI RULE 4413	Possible Directory Traversal Exploit Attempted SENSOR - HEADERS - HTTP (Request)	Low		2020/06/02	DDI RULE 4413	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4413
DDI RULE 4412	CVE-2020-8617 - NXNSATTACK - DNS (REQUEST)	High		2020/06/01	DDI RULE 4412	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4412
DDI RULE 4397	ACTIVE DIRECTORY GPO DEPLOY COMMAND - SMB2 (Response)	High		2020/05/28	DDI RULE 4397	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4397
DDI RULE 2837	CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)	Medium		2020/05/26	DDI RULE 2837	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2837
DDI RULE 2654	Powershell - SMB	Medium		2020/05/14	DDI RULE 2654	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2654
DDI RULE 4235	Remote CreateService - SMB2 (Request)	High		2020/05/14	DDI RULE 4235	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4235
DDI RULE 4236	Meterpreter Powershell - SMB2 (Request)	High		2020/05/14	DDI RULE 4236	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4236
DDI RULE 4395	HADGLIDER - HTTP (REQUEST)	High		2020/05/13	DDI RULE 4395	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4395
DDI RULE 4389	APT - GRIFFON - HTTP (Request)	High		2020/05/13	DDI RULE 4389	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4389
DDI RULE 4390	CobaltStrike - HTTPS (Request)	Low		2020/05/12	DDI RULE 4390	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4390
DDI RULE 4392	CVE-2020-12078 - OPENAUDIT RCE EXPLOIT - HTTP (Request)	High		2020/05/11	DDI RULE 4392	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4392
DDI RULE 4393	CVE-2020-10808 - IFS UNIX EXPLOIT - FTP (Request)	High		2020/05/11	DDI RULE 4393	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4393
DDI RULE 4394	CVE-2020-2883 - WEBLOGIC T3 EXPLOIT - TCP (REQUEST)	High		2020/05/11	DDI RULE 4394	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4394
DDI RULE 1641	CVE-2014-6277 - SHELLSHOCK HTTP Exploit	High		2020/05/11	DDI RULE 1641	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1641
DDI RULE 4387	Possible SoftEther VPN Client - HTTPS (REQUEST)	Medium		2020/05/06	DDI RULE 4387	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4387
DDI RULE 4386	CVE-2020-3952 - VSPHERE EXPLOIT - LDAP (Request)	Low		2020/05/05	DDI RULE 4386	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4386
DDI RULE 4385	Invalid Credentials - LDAP (Response)	Low		2020/05/04	DDI RULE 4385	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4385
DDI RULE 4384	UNIX IFS SHELL RCE - HTTP (Request)	Low		2020/04/29	DDI RULE 4384	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4384
DDI RULE 1502	Possible Malformed Heartbeat SSL Response - Class 1	Medium		2020/04/29	DDI RULE 1502	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1502
DDI RULE 1503	Possible Malformed Heartbeat SSL Response - Class 2	Medium		2020/04/29	DDI RULE 1503	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1503
DDI RULE 2363	QAKBOT - Malicious certificate - SSL	High		2020/04/28	DDI RULE 2363	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2363
DDI RULE 2412	TRICKBOT - Malicious certificate - SSL	High		2020/04/28	DDI RULE 2412	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2412
DDI RULE 2005	Possible EDELLROOT certificate detected	High		2020/04/28	DDI RULE 2005	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2005
DDI RULE 4382	CGIBIN Unauthenticated Remote Code Execution - HTTP (REQUEST) - Variant 2	High		2020/04/27	DDI RULE 4382	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4382
DDI RULE 4381	Possible Pseudorandom Subdomain Attack - DNS (Response)	Low		2020/04/23	DDI RULE 4381	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4381
DDI RULE 4249	NEGASTEAL - SMTP (Request)	High		2020/04/22	DDI RULE 4249	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4249
DDI RULE 4297	PAEXEC - SMB2 (REQUEST)	High		2020/04/21	DDI RULE 4297	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4297
DDI RULE 2342	IMEIJ - TCP	High		2020/04/21	DDI RULE 2342	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2342
DDI RULE 1183	ZBOT - DNS (Request)	Medium		2020/04/20	DDI RULE 1183	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1183
DDI RULE 4337	INFOSTEALER - HTTP (REQUEST)	High		2020/04/13	DDI RULE 4337	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4337
DDI RULE 4376	VALTAK - HTTP (REQUEST) - Variant 2	High		2020/04/02	DDI RULE 4376	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4376
DDI RULE 4377	VALTAK - HTTP (REQUEST)	High		2020/04/02	DDI RULE 4377	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4377
DDI RULE 4378	PWNAGE - DNS (Response)	High		2020/04/02	DDI RULE 4378	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4378
DDI RULE 2610	Possible MEMCACHED Amplified DDOS Attempt - UDP (Request)	High		2020/03/30	DDI RULE 2610	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2610
DDI RULE 2584	POSGERAT Data Exfiltration - DNS (Response)	Low		2020/03/30	DDI RULE 2584	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2584
DDI RULE 4199	Amazon Phishing - DNS (Response)	High		2020/03/30	DDI RULE 4199	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4199
DDI RULE 2280	DUNIHI - TCP	High		2020/03/30	DDI RULE 2280	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2280
DDI RULE 2308	Possible DGA - DNS (Response)	Medium		2020/03/30	DDI RULE 2308	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2308
DDI RULE 4374	NETLINK GPON RCE EXPLOIT - HTTP(Request)	High		2020/03/24	DDI RULE 4374	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4374
DDI RULE 4375	CVE-2020-10221 - RCONFIG RCE EXPLOIT - HTTP (REQUEST)	High		2020/03/24	DDI RULE 4375	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4375
DDI RULE 4265	CVE-2019-16663 - RCONFIG RCE EXPLOIT - HTTP (REQUEST)	High		2020/03/24	DDI RULE 4265	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4265
DDI RULE 4362	CVE-2020-9054 - ZYXEL NAS - HTTP (REQUEST)	High		2020/03/23	DDI RULE 4362	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4362
DDI RULE 2871	Possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request)	High		2020/03/19	DDI RULE 2871	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2871
DDI RULE 1184	Possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request)	Low		2020/03/19	DDI RULE 1184	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1184
DDI RULE 4347	Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 2	High		2020/03/18	DDI RULE 4347	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4347
DDI RULE 4223	APT - Suspicious Cgi - HTTP (Request)	High		2020/03/18	DDI RULE 4223	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4223
DDI RULE 4366	Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 3	Low		2020/03/18	DDI RULE 4366	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4366
DDI RULE 4348	Suspicious Cgi Arbitrary File Upload - HTTP (Request)	High		2020/03/17	DDI RULE 4348	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4348
DDI RULE 4338	Suspicious File Upload - HTTP (Request)	High		2020/03/17	DDI RULE 4338	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4338
DDI RULE 4367	CVE-2020-9351 - SMARTCLIENT - Exploit - HTTP (Request)	Low		2020/03/16	DDI RULE 4367	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4367
DDI RULE 4368	CVE-2020-9353 - SMARTCLIENT Directory Traversal Exploit - HTTP (Request)	Low		2020/03/16	DDI RULE 4368	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4368
DDI RULE 4369	CVE-2020-9353 - SMARTCLIENT File Upload Exploit - HTTP (Request)	Low		2020/03/16	DDI RULE 4369	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4369
DDI RULE 4365	CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request)	High		2020/03/16	DDI RULE 4365	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4365
DDI RULE 4370	CCTV-DVR Remote Code Execution - HTTP (Request) - Variant 2	High		2020/03/16	DDI RULE 4370	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4370
DDI RULE 4371	CVE-2020-8515 - DRAYTEK VIGOR Remote Code Execution Exploit - HTTP (Request)	High		2020/03/16	DDI RULE 4371	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4371
DDI RULE 2385	SOAP RCE EXPLOIT - HTTP (Request)	High		2020/03/12	DDI RULE 2385	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2385
DDI RULE 4364	RACCOON - HTTP (REQUEST)	High		2020/03/11	DDI RULE 4364	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4364
DDI RULE 2867	BELKIN Router - HTTP (Request) - Variant 2	High		2020/03/11	DDI RULE 2867	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2867
DDI RULE 2868	ZTE Router - HTTP (Request) - Variant 2	High		2020/03/11	DDI RULE 2868	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2868
DDI RULE 4363	VIRTUALFREER RCE EXPLOIT - HTTP (REQUEST)	High		2020/03/09	DDI RULE 4363	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4363
DDI RULE 4361	DLINK Command Injection Exploit - HTTP (Request) - Variant 4	High		2020/03/09	DDI RULE 4361	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4361
DDI RULE 4360	Comtrend - Remote Command Execution Exploit - HTTP (REQUEST)	High		2020/03/05	DDI RULE 4360	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4360
DDI RULE 4357	CVE-2020-0688 - Microsoft Exchange Validation Key Remote Code Execution - HTTP (Request)	High		2020/03/05	DDI RULE 4357	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4357
DDI RULE 4358	Cloud Snooper - TCP Connection	High		2020/03/05	DDI RULE 4358	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4358
DDI RULE 4359	CVE-2020-9374 - TPLINK RCE EXPLOIT - HTTP (REQUEST)	High		2020/03/05	DDI RULE 4359	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4359
DDI RULE 4316	D-Link Unauthenticated Remote Code Execution in HTTP_ST - UDP (Request)	High		2020/03/05	DDI RULE 4316	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4316
DDI RULE 4351	CVE-2020-8813 - CACTI RCE EXPLOIT - HTTP (REQUEST)	High		2020/03/04	DDI RULE 4351	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4351
DDI RULE 4356	CVE-2019-17564 - Apache Dubbo Unauthenticated Remote Code Execution Exploit - HTTP (Request)	High		2020/03/04	DDI RULE 4356	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4356
DDI RULE 4353	CVE-2019-19356 - NETIS Remote Code Execution - HTTP (Request)	High		2020/03/03	DDI RULE 4353	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4353
DDI RULE 4354	CVE-2020-1938 - TOMCAT AJP LFI EXPLOIT - TCP (Request)	Medium		2020/03/03	DDI RULE 4354	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4354
DDI RULE 4287	OpenNetAdmin Remote Code Execution Exploit (Request)	High		2020/03/03	DDI RULE 4287	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4287
DDI RULE 4352	ICMP SWEEP - ICMP (Request)	High		2020/02/26	DDI RULE 4352	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4352
DDI RULE 4350	CVE-2020-0618 - SQL Server Reporting Services Remote Code Execution Exploit - HTTP (Request)	Medium		2020/02/25	DDI RULE 4350	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4350
DDI RULE 4328	CVE-2019-20224 - Pandora FMS 7.0NG Authenticated Remote Code Execution Exploit - HTTP (Request)	High		2020/02/25	DDI RULE 4328	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4328
DDI RULE 2912	CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request)	Medium		2020/02/24	DDI RULE 2912	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2912
DDI RULE 4346	Bottle - Exploit Kit - HTTP (Request)	High		2020/02/19	DDI RULE 4346	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4346
DDI RULE 4345	EMOTET - HTTP (Request) - Variant 7	High		2020/02/13	DDI RULE 4345	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4345
DDI RULE 4343	AVCON6 Remote Code Execution Exploit - HTTP (Request)	High		2020/02/12	DDI RULE 4343	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4343
DDI RULE 4344	CHEVERETO Remote Code Execution Exploit - HTTP (Request)	High		2020/02/12	DDI RULE 4344	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4344
DDI RULE 4341	WAGO PFC200 RCE EXPLOIT - HTTP (REQUEST)	High		2020/02/12	DDI RULE 4341	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4341
DDI RULE 4320	EMOTET - HTTP (Request) - Variant 6	Medium		2020/02/12	DDI RULE 4320	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4320
DDI RULE 4329	KindEditor Possible WebShell File Upload Exploit - HTTP (Request)	Medium		2020/02/11	DDI RULE 4329	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4329
DDI RULE 4314	CVE-2019-17621 - DLINK Remote Code Execution - HTTP (Request)	High		2020/02/11	DDI RULE 4314	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4314
DDI RULE 4315	CVE-2019-9692 - CMS Made Simple Showtime2 Arbitrary File Upload Exploit - HTTP (Request)	Medium		2020/02/11	DDI RULE 4315	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4315
DDI RULE 4310	CVE-2018-9021 - BROADCOM ACCESS MANAGER Remote Code Execution Exploit - HTTP (Request)	High		2020/02/11	DDI RULE 4310	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4310
DDI RULE 4288	CVE-2019-5071 - TENDA RCE EXPLOIT - HTTP (REQUEST)	High		2020/02/11	DDI RULE 4288	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4288
DDI RULE 4289	CVE-2019-5072 - TENDA RCE EXPLOIT - HTTP (REQUEST)	High		2020/02/11	DDI RULE 4289	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4289
DDI RULE 4331	CVE-2020-6757 - PIXELSTOR Remote Code Execution Exploit - HTTP (Request)	High		2020/02/11	DDI RULE 4331	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4331
DDI RULE 4332	CVE-2017-9841 - PHPUnit Remote Code Execution Exploit - HTTP (Request)	Medium		2020/02/11	DDI RULE 4332	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4332
DDI RULE 4334	CVE-2020-7799 - FUSIONAUTH Remote Code Execution Exploit - HTTP (Request)	High		2020/02/11	DDI RULE 4334	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4334
DDI RULE 4335	CVE-2020-7980 - Satellian Remote Code Execution - HTTP (Request)	High		2020/02/11	DDI RULE 4335	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4335
DDI RULE 4275	CVE-2019-7256 - LINEAR EMERGE Remote Code Execution Exploit - HTTP (Request)	High		2020/02/11	DDI RULE 4275	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4275
DDI RULE 4270	APACHE SOLR Remote Code Execution Exploit - HTTP (Request)	High		2020/02/11	DDI RULE 4270	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4270
DDI RULE 4286	CVE-2017-12945 - Mersive Solstice Remote Code Execution Exploit (Request)	Medium		2020/02/11	DDI RULE 4286	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4286
DDI RULE 4340	ASTPP VOIP RCE EXPLOIT - HTTP (REQUEST)	High		2020/02/10	DDI RULE 4340	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4340
DDI RULE 4336	CVE-2019-19509 - rConfig Authenticated Remote Code Execution - HTTP (Request)	High		2020/02/06	DDI RULE 4336	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4336
DDI RULE 2143	SQLINJECT - HTTP (Request)	Low		2020/02/05	DDI RULE 2143	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2143
DDI RULE 4294	CVE-2019-1485 - VBScript Rremote Code Execution - HTTP (Request)	Low		2020/02/03	DDI RULE 4294	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4294
DDI RULE 4330	CVE-2020-0601 Spoofed Certificate Attempt - TLS (Response)	High		2020/01/22	DDI RULE 4330	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4330
DDI RULE 4326	APT - BISONAL - HTTP (Request)	High		2020/01/22	DDI RULE 4326	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4326
DDI RULE 4327	CVE-2019-19781 - CITRIX ADC EXPLOIT - HTTP (Response)	Medium		2020/01/20	DDI RULE 4327	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4327
DDI RULE 4317	APT - GH0STRAT - HTTP (Request)	High		2020/01/14	DDI RULE 4317	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4317
DDI RULE 1572	TROJAN - HTTP (Request) - Variant 43	High		2020/01/06	DDI RULE 1572	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1572
DDI RULE 1588	TROJAN - HTTP (Request) - Variant 47	High		2020/01/06	DDI RULE 1588	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1588
DDI RULE 2100	NYMAIM - HTTP (Request) - Variant 2	Medium		2020/01/02	DDI RULE 2100	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2100
DDI RULE 2099	NYMAIM - HTTP (Request)	High		2020/01/02	DDI RULE 2099	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2099
DDI RULE 4312	Umbraco CMS Remote Code Execution - HTTP (Request) - Variant 2	High		2020/01/02	DDI RULE 4312	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4312
DDI RULE 2710	FLAWEDAMMYY - TCP (Request)	High		2019/12/30	DDI RULE 2710	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2710
DDI RULE 2878	APT - POORWEB - HTTP (Request)	High		2019/12/23	DDI RULE 2878	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2878
DDI RULE 4308	KSDOOR - HTTP (REQUEST) - Variant 2	Medium		2019/12/23	DDI RULE 4308	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4308
DDI RULE 4306	SQL INJECTION - EXPLOIT - HTTP (REQUEST)	High		2019/12/23	DDI RULE 4306	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4306
DDI RULE 4307	PUPY - Malicious Certificate - HTTPS (Response)	High		2019/12/19	DDI RULE 4307	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4307
DDI RULE 4302	Umbraco CMS Remote Code Execution - HTTP (Request)	High		2019/12/17	DDI RULE 4302	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4302
DDI RULE 4299	Remote Service execution through SMB2 SVCCTL detected	High		2019/12/16	DDI RULE 4299	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4299
DDI RULE 4292	MALPHISH - HTTP (REQUEST) - Variant 4	High		2019/12/16	DDI RULE 4292	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4292
DDI RULE 4293	APACHE FLINK FILE UPLOAD EXPLOIT - HTTP (REQUEST)	Medium		2019/12/10	DDI RULE 4293	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4293
DDI RULE 4295	POSSIBLE JSP WEBSHELL UPLOAD EXPLOIT - HTTP (REQUEST)	Medium		2019/12/10	DDI RULE 4295	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4295
DDI RULE 4290	VIDAR - HTTP (Request)	High		2019/12/09	DDI RULE 4290	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4290
DDI RULE 4281	CVE-2019-15683 - TURBOVNC Buffer Overflow Exploit - TCP (REQUEST)	Medium		2019/12/09	DDI RULE 4281	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4281
DDI RULE 4282	CVE-2019-8274 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST)	Medium		2019/12/09	DDI RULE 4282	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4282
DDI RULE 4283	CVE-2019-8276 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST)	Medium		2019/12/09	DDI RULE 4283	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4283
DDI RULE 4252	CVE-2019-11540 Pulse Secure Cross-Site Script Inclusion - HTTP (Request)	Low		2019/12/09	DDI RULE 4252	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4252
DDI RULE 4253	CVE-2019-11507 Pulse Secure Cross-Site Scripting - HTTP (Request)	Low		2019/12/09	DDI RULE 4253	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4253
DDI RULE 4254	CVE-2019-11542 Pulse Secure Stack Buffer Overflow - HTTP (Request)	Low		2019/12/09	DDI RULE 4254	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4254
DDI RULE 4255	CVE-2019-11539 Pulse Secure Command Injection - HTTP (Request)	Low		2019/12/09	DDI RULE 4255	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4255
DDI RULE 4224	CVE-2019-15846 EXIM TLS Flaw - HTTPS (Request)	Medium		2019/12/05	DDI RULE 4224	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4224
DDI RULE 4231	APT - SUSPICIOUS CGI - HTTP (Request)	High		2019/12/05	DDI RULE 4231	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4231
DDI RULE 4232	EMOTET - HTTP (Request) - Variant 5	High		2019/12/05	DDI RULE 4232	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4232