| DDI RULE 4212 | Possible Bruteforce - HTTP (Request) | MEDIUM | | 2019/09/12 | DDI RULE 4212 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4212 |
| DDI RULE 4221 | Jenkins RCE Exploit - HTTP (Request)- Variant 2 | HIGH | | 2019/09/12 | DDI RULE 4221 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4221 |
| DDI RULE 4228 | XSS Href Exploit - HTTP (Request) | HIGH | | 2019/09/12 | DDI RULE 4228 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4228 |
| DDI RULE 4229 | YEALINK VOIP - COMMAND INJECTION - HTTP (Request) | HIGH | | 2019/09/12 | DDI RULE 4229 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4229 |
| DDI RULE 4230 | APT - DATPER - HTTP (Request) | HIGH | | 2019/09/12 | DDI RULE 4230 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4230 |
| DDI RULE 4231 | APT - SUSPICIOUS CGI - HTTP (Request) | HIGH | | 2019/09/12 | DDI RULE 4231 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4231 |
| DDI RULE 4220 | RIG - Exploit Kit - HTTP (Request) - Variant 8 | HIGH | | 2019/09/10 | DDI RULE 4220 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4220 |
| DDI RULE 2897 | EMOTET - HTTP (Request) - Variant 4 | HIGH | | 2019/09/10 | DDI RULE 2897 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2897 |
| DDI RULE 4205 | Register Shutdown Function Webshell - HTTP (Request) | HIGH | | 2019/09/03 | DDI RULE 4205 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4205 |
| DDI RULE 4213 | RETADUP - HTTP (Response) | HIGH | | 2019/09/03 | DDI RULE 4213 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4213 |
| DDI RULE 4214 | CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2 | MEDIUM | | 2019/09/03 | DDI RULE 4214 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4214 |
| DDI RULE 4215 | CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2 | MEDIUM | | 2019/09/03 | DDI RULE 4215 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4215 |
| DDI RULE 4203 | Possible CVE-2019-1224 Server Information Disclosure Exploit - RDP (Response) | LOW | | 2019/09/03 | DDI RULE 4203 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4203 |
| DDI RULE 4216 | BLUEANGEL - Comand Injection - HTTP (Request) | HIGH | | 2019/09/02 | DDI RULE 4216 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4216 |
| DDI RULE 4217 | CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request) | HIGH | | 2019/09/02 | DDI RULE 4217 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4217 |
| DDI RULE 4218 | CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request) | HIGH | | 2019/09/02 | DDI RULE 4218 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4218 |
| DDI RULE 4219 | GHOSTMINER - HTTP (Request) | HIGH | | 2019/09/02 | DDI RULE 4219 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4219 |
| DDI RULE 4143 | Malicious SSL Client Connection | HIGH | | 2019/09/02 | DDI RULE 4143 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4143 |
| DDI RULE 4144 | Malicious SSL Server Connection | HIGH | | 2019/09/02 | DDI RULE 4144 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4144 |
| DDI RULE 4145 | Malicious SSL Connection | HIGH | | 2019/09/02 | DDI RULE 4145 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4145 |
| DDI RULE 4146 | Suspicious SSL Connection | MEDIUM | | 2019/09/02 | DDI RULE 4146 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4146 |
| DDI RULE 4147 | Suspicious SSL Client Connection | LOW | | 2019/09/02 | DDI RULE 4147 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4147 |
| DDI RULE 4148 | Suspicious SSL Server Connection | LOW | | 2019/09/02 | DDI RULE 4148 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4148 |
| DDI RULE 4181 | TREVOR - HTTP (Response) | MEDIUM | | 2019/09/02 | DDI RULE 4181 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4181 |
| DDI RULE 4182 | TREVOR - HTTP (Response) - Variant 2 | MEDIUM | | 2019/09/02 | DDI RULE 4182 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4182 |
| DDI RULE 4180 | BASHLITE - TCP (Request) | HIGH | | 2019/08/28 | DDI RULE 4180 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4180 |
| DDI RULE 4176 | RANSOM SYRK - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 4176 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4176 |
| DDI RULE 4199 | Amazon Phishing - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 4199 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4199 |
| DDI RULE 4211 | CLIPSA - HTTP (Request) | MEDIUM | | 2019/08/28 | DDI RULE 4211 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4211 |
| DDI RULE 2891 | EMPIRE - HTTP (Request) - Variant 3 | HIGH | | 2019/08/28 | DDI RULE 2891 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2891 |
| DDI RULE 2568 | COBALTSTRIKE - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 2568 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2568 |
| DDI RULE 2569 | TOXOCARA - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 2569 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2569 |
| DDI RULE 2861 | ShadowHammer - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 2861 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2861 |
| DDI RULE 1009 | PE_XPAJ DNS Response - Class 1 | HIGH | | 2019/08/28 | DDI RULE 1009 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1009 |
| DDI RULE 1084 | RED OCTOBER ATTACK DNS Response - Class 1 | HIGH | | 2019/08/28 | DDI RULE 1084 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1084 |
| DDI RULE 1734 | RANSOM CRYPCTB DNS Connection detected | HIGH | | 2019/08/28 | DDI RULE 1734 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1734 |
| DDI RULE 1779 | RANSOM CRILOCK DNS Connection | HIGH | | 2019/08/28 | DDI RULE 1779 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1779 |
| DDI RULE 1845 | RANSOM CRYPRAAS DNS Connection detected | HIGH | | 2019/08/28 | DDI RULE 1845 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1845 |
| DDI RULE 2043 | OSX KeRanger DNS Connection detected | HIGH | | 2019/08/28 | DDI RULE 2043 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2043 |
| DDI RULE 2497 | CCHACK - DNS (Response) | HIGH | | 2019/08/28 | DDI RULE 2497 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2497 |
| DDI RULE 4204 | CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request) | HIGH | | 2019/08/27 | DDI RULE 4204 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4204 |
| DDI RULE 4207 | CVE-2019-11354 - DOTPROJECT SQL Injetion - HTTP (Request) | HIGH | | 2019/08/27 | DDI RULE 4207 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4207 |
| DDI RULE 4208 | CVE-2019-12989 - CITRIX SDWAN AUTH BYPASS - HTTP (Request) | HIGH | | 2019/08/27 | DDI RULE 4208 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4208 |
| DDI RULE 4209 | WEBMIN RCE Exploit - HTTP (Request) | HIGH | | 2019/08/27 | DDI RULE 4209 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4209 |
| DDI RULE 4210 | MEDUSA - HTTP (Request) | HIGH | | 2019/08/27 | DDI RULE 4210 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4210 |
| DDI RULE 4206 | AXIS2 GETSHELL - COMMAND INJECTION - HTTP (Request) | HIGH | | 2019/08/26 | DDI RULE 4206 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4206 |
| DDI RULE 4193 | CVE-2019-9511 Data Dribble - HTTP2 (Request) | LOW | | 2019/08/26 | DDI RULE 4193 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4193 |
| DDI RULE 4194 | CVE-2019-9512 PING Flood - HTTP2 (Request) | LOW | | 2019/08/26 | DDI RULE 4194 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4194 |
| DDI RULE 4195 | CVE-2019-9515 SETTINGS Flood - HTTP2 (Request) | LOW | | 2019/08/26 | DDI RULE 4195 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4195 |
| DDI RULE 4196 | CVE-2019-9517 Internal Data Buffering - HTTP2 (Request) | LOW | | 2019/08/26 | DDI RULE 4196 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4196 |
| DDI RULE 4197 | CVE-2019-9518 Empty Frames Flood - HTTP2 (Request) | LOW | | 2019/08/26 | DDI RULE 4197 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4197 |
| DDI RULE 4198 | ANUBIS - HTTP (Request) | HIGH | | 2019/08/22 | DDI RULE 4198 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4198 |
| DDI RULE 4201 | CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request) | LOW | | 2019/08/22 | DDI RULE 4201 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4201 |
| DDI RULE 4202 | CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request) | LOW | | 2019/08/22 | DDI RULE 4202 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4202 |
| DDI RULE 4200 | CVE-2015-4051 - BECKHOFF RCE - HTTP (Request) | HIGH | | 2019/08/21 | DDI RULE 4200 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4200 |
| DDI RULE 4191 | CVE-2017-11774 MS Outlook Security Bypass Remote Code Execution - HTTP (Request) | MEDIUM | | 2019/08/15 | DDI RULE 4191 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4191 |
| DDI RULE 4192 | IRIS Remote Command Execution - HTTP (Request) | HIGH | | 2019/08/15 | DDI RULE 4192 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4192 |
| DDI RULE 4111 | CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request) | HIGH | | 2019/08/15 | DDI RULE 4111 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4111 |
| DDI RULE 2289 | Unsuccessful logon - FTP | LOW | | 2019/08/15 | DDI RULE 2289 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2289 |
| DDI RULE 2290 | Possible Brute force - FTP | LOW | | 2019/08/15 | DDI RULE 2290 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2290 |
| DDI RULE 2547 | NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request) | HIGH | | 2019/08/15 | DDI RULE 2547 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2547 |
| DDI RULE 4190 | RAIL RCE Exploit - HTTP (Request) | HIGH | | 2019/08/14 | DDI RULE 4190 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4190 |
| DDI RULE 4183 | Xfinity Gateway RCE Exploit - HTTP (Request) | HIGH | | 2019/08/14 | DDI RULE 4183 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4183 |
| DDI RULE 4187 | FLIR - Command Injection - HTTP (Request) | HIGH | | 2019/08/13 | DDI RULE 4187 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4187 |
| DDI RULE 4188 | CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request) | HIGH | | 2019/08/13 | DDI RULE 4188 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4188 |
| DDI RULE 4189 | Beward N100 RCE Exploit - HTTP (Request) | HIGH | | 2019/08/13 | DDI RULE 4189 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4189 |
| DDI RULE 4166 | CVE-2015-4335 REDIS Eval LUA Sandbox Bypass Exploit - TCP (Request) | HIGH | | 2019/08/13 | DDI RULE 4166 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4166 |
| DDI RULE 4184 | Homematic RCE Exploit - HTTP (Request) | HIGH | | 2019/08/12 | DDI RULE 4184 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4184 |
| DDI RULE 4185 | NXT Eyelock RCE Exploit - HTTP (Request) | HIGH | | 2019/08/12 | DDI RULE 4185 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4185 |
| DDI RULE 4175 | LORD - Exploit Kit - HTTP (Response) | HIGH | | 2019/08/08 | DDI RULE 4175 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4175 |
| DDI RULE 4179 | CVE-2017-8917 - JOOMLA - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4179 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4179 |
| DDI RULE 4167 | CAMBIUM RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4167 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4167 |
| DDI RULE 4160 | NTOP RCE Exploit - HTTP (Request) - Variant 3 | HIGH | | 2019/08/07 | DDI RULE 4160 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4160 |
| DDI RULE 4161 | NTOP RCE Exploit - HTTP (Request) - Variant 4 | HIGH | | 2019/08/07 | DDI RULE 4161 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4161 |
| DDI RULE 4159 | NTOP RCE Exploit - HTTP (Request) - Variant 2 | HIGH | | 2019/08/07 | DDI RULE 4159 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4159 |
| DDI RULE 4150 | POSSIBLE XSS - HTTP (Request) | MEDIUM | | 2019/08/07 | DDI RULE 4150 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4150 |
| DDI RULE 4114 | CVE-2012-4869 PBX RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4114 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4114 |
| DDI RULE 4125 | Mitel Audio RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4125 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4125 |
| DDI RULE 4112 | CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4112 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4112 |
| DDI RULE 4106 | Gitorious Unauthenticated RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4106 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4106 |
| DDI RULE 4100 | CVE-2010-5330 UBIQUITY Nanostation5 RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 4100 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4100 |
| DDI RULE 2938 | Dell Kace RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2938 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2938 |
| DDI RULE 2939 | CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2939 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2939 |
| DDI RULE 2940 | CISCO RV Routers RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2940 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2940 |
| DDI RULE 2941 | Possible CVE-2019-1663 CISCO RV Routers Buffer Overflow Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2941 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2941 |
| DDI RULE 2907 | CVE-2019-2616 ORACLE BI Pusblisher XXE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2907 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2907 |
| DDI RULE 2914 | CVE-2018-15961 - Adobe Cold Fusion Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2914 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2914 |
| DDI RULE 2919 | DLINK DWL 26000AP RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2919 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2919 |
| DDI RULE 2929 | Hadoop Yarn RCE Exploit - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2929 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2929 |
| DDI RULE 2485 | CCTV-DVR Remote Code Execution - HTTP (Request) | HIGH | | 2019/08/07 | DDI RULE 2485 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2485 |
| DDI RULE 4164 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2 | HIGH | | 2019/08/06 | DDI RULE 4164 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4164 |
| DDI RULE 4165 | CVE-2019-7238 Nexus Repository Manager RCE Exploit - HTTP (Request) | HIGH | | 2019/08/06 | DDI RULE 4165 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4165 |
| DDI RULE 4168 | CVE-2018-15379 Cisco Prime Infrastructure Remote Command Execution - HTTP (Request) | MEDIUM | | 2019/08/06 | DDI RULE 4168 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4168 |
| DDI RULE 4169 | Linksys Remote Debug Root Shell- HTTP (Request) | HIGH | | 2019/08/06 | DDI RULE 4169 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4169 |
| DDI RULE 4177 | CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | HIGH | | 2019/08/06 | DDI RULE 4177 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4177 |
| DDI RULE 4178 | XYMON RCE Exploit - HTTP (Request) | HIGH | | 2019/08/06 | DDI RULE 4178 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4178 |
| DDI RULE 4172 | APT - TONEDEAF - HTTP (Request) | HIGH | | 2019/08/06 | DDI RULE 4172 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4172 |
| DDI RULE 2639 | CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request) | HIGH | | 2019/08/06 | DDI RULE 2639 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2639 |
| DDI RULE 4173 | GHOSTDNS - Exploit Kit - HTTP (Response) - Variant 2 | HIGH | | 2019/08/05 | DDI RULE 4173 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4173 |
| DDI RULE 4174 | DNS Changer Exploit - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4174 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4174 |
| DDI RULE 4170 | CVE-2017-11357 TELERIK File Upload Exploit - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4170 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4170 |
| DDI RULE 4171 | CVE-2013-3763 - Oracle Endeca Sever - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4171 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4171 |
| DDI RULE 4115 | CVE-2009-2288 - NAGIOS - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4115 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4115 |
| DDI RULE 4116 | CVE-2012-0262 - OPS5CONFIG - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4116 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4116 |
| DDI RULE 2934 | LG NAS - Command Injection - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2934 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2934 |
| DDI RULE 2935 | OPENDREAMBOX - Command Injection - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2935 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2935 |
| DDI RULE 2936 | CVE-2019-3929 - BLACKBOX - COMMAND INJECTION - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2936 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2936 |
| DDI RULE 2937 | CVE-2019-10867 - PIMCORE - Unserialize RCE - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2937 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2937 |
| DDI RULE 2942 | CVE-2019-1003000 - JENKINS - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2942 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2942 |
| DDI RULE 2948 | CVE-2018-11510 - Asustor ADM - Command Injection - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2948 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2948 |
| DDI RULE 2950 | CVE-2017-5174 - GEUTEBRUCK - Command Injection - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2950 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2950 |
| DDI RULE 4107 | CVE-2011-3587 - PLONE - HTTP (Request) | MEDIUM | | 2019/08/05 | DDI RULE 4107 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4107 |
| DDI RULE 4108 | CVE-2003-0050 - QUICKTIME - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4108 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4108 |
| DDI RULE 4109 | OP5MONITOR - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4109 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4109 |
| DDI RULE 4110 | CVE-2005-2773 - HP OPENVIEW NETWORK NODE MANAGER- HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4110 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4110 |
| DDI RULE 4102 | WEBMIN - Command Execution - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 4102 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4102 |
| DDI RULE 2341 | COBALTSTRIKE - HTTP (Request) | HIGH | | 2019/08/05 | DDI RULE 2341 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2341 |
| DDI RULE 2452 | Wget Commandline Injection | MEDIUM | | 2019/07/31 | DDI RULE 2452 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2452 |
| DDI RULE 4133 | ASTAROTH JSON - HTTP (Response) | HIGH | | 2019/07/24 | DDI RULE 4133 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4133 |
| DDI RULE 4163 | Possible CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | LOW | | 2019/07/24 | DDI RULE 4163 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4163 |
| DDI RULE 4152 | COBALTSTRIKE - HTTP (Response) | HIGH | | 2019/07/24 | DDI RULE 4152 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4152 |
| DDI RULE 4154 | CVE-2019-11580 Atlassian RCE Exploit - HTTP (Request) | HIGH | | 2019/07/24 | DDI RULE 4154 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4154 |
| DDI RULE 2678 | CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2019/07/24 | DDI RULE 2678 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2678 |
| DDI RULE 4156 | ECH0RAIX - Ransomware - HTTP (Request) | HIGH | | 2019/07/22 | DDI RULE 4156 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4156 |
| DDI RULE 4157 | NTOP RCE Exploit - HTTP (Request) | HIGH | | 2019/07/22 | DDI RULE 4157 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4157 |
| DDI RULE 1122 | Office Document File Internal Transfer | LOW | | 2019/07/22 | DDI RULE 1122 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1122 |
| DDI RULE 1123 | Office Document File Upload | LOW | | 2019/07/22 | DDI RULE 1123 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1123 |
| DDI RULE 1119 | HTTP Request - Hostname is an IP address | LOW | | 2019/07/22 | DDI RULE 1119 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1119 |
| DDI RULE 4155 | EICAR COBALTSTRIKE - HTTP (Response) | HIGH | | 2019/07/18 | DDI RULE 4155 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4155 |
| DDI RULE 4153 | COBALTSTRIKE - HTTP (Request) - Variant 2 | HIGH | | 2019/07/18 | DDI RULE 4153 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4153 |
| DDI RULE 4138 | ICEDID - HTTP (Request) - Variant 2 | HIGH | | 2019/07/18 | DDI RULE 4138 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4138 |
| DDI RULE 4139 | ICEDID - HTTP (Response) | HIGH | | 2019/07/18 | DDI RULE 4139 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4139 |
| DDI RULE 4151 | WANNALOCKER - Ransomware - HTTP (Request) | HIGH | | 2019/07/17 | DDI RULE 4151 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4151 |
| DDI RULE 4132 | SHELLBOT - IRC (Request) | HIGH | | 2019/07/16 | DDI RULE 4132 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4132 |
| DDI RULE 4149 | Possible CVE-2019-1040 MS NTLM Tampering Exploit - SMB (Request) | LOW | | 2019/07/16 | DDI RULE 4149 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4149 |
| DDI RULE 4140 | INFOSTEAL - HTTP (Request) - Variant 6 | HIGH | | 2019/07/15 | DDI RULE 4140 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4140 |
| DDI RULE 4136 | ECH0RAIX - Ransomware - TCP (Request) | HIGH | | 2019/07/12 | DDI RULE 4136 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4136 |
| DDI RULE 4121 | Dogfood CRM spell.php Remote Command Execution - HTTP (Request) | HIGH | | 2019/07/11 | DDI RULE 4121 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4121 |
| DDI RULE 4123 | Redmine SCM Repository 0.9.x/1.0.x - Remote Command Execution - HTTP (Request) | HIGH | | 2019/07/11 | DDI RULE 4123 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4123 |
| DDI RULE 4122 | CTEK SkyRouter 4200/4300 - Command Execution - HTTP (Request) | HIGH | | 2019/07/10 | DDI RULE 4122 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4122 |
| DDI RULE 4105 | POSSIBLE MALICIOUS CHROME EXTENSION - HTTP (Request) | MEDIUM | | 2019/07/10 | DDI RULE 4105 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4105 |
| DDI RULE 4119 | Awstats Remote Command Injection - HTTP (Request) | HIGH | | 2019/07/10 | DDI RULE 4119 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4119 |
| DDI RULE 4120 | CVE-2005-2847 Barracuda IMG.pl Remote Command Execution - HTTP (Request) | HIGH | | 2019/07/10 | DDI RULE 4120 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4120 |
| DDI RULE 2578 | CVE-2017-17215 - Remote Code Execution - HTTP (Request) | HIGH | | 2019/07/10 | DDI RULE 2578 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2578 |
| DDI RULE 4118 | CVE-2007-3010 Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 Command Injection - HTTP (Request) | HIGH | | 2019/07/09 | DDI RULE 4118 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4118 |
| DDI RULE 4130 | APT - NFLOG - HTTP (Request) - Variant 2 | HIGH | | 2019/07/09 | DDI RULE 4130 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4130 |
| DDI RULE 4131 | NANOCORE - TCP (Request) | HIGH | | 2019/07/09 | DDI RULE 4131 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4131 |
| DDI RULE 4127 | Suspicious PowerQuery - HTTP (Response) | MEDIUM | | 2019/07/08 | DDI RULE 4127 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4127 |
| DDI RULE 4124 | GetShell CKNIFE - HTTP (Request) | HIGH | | 2019/07/08 | DDI RULE 4124 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4124 |
| DDI RULE 2846 | SPELEVO - Exploit Kit -HTTP (Response) | HIGH | | 2019/07/04 | DDI RULE 2846 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2846 |
| DDI RULE 4117 | Spreecommerce 0.60.1 - Remote Command Execution - HTTP (Request) | HIGH | | 2019/07/02 | DDI RULE 4117 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4117 |
| DDI RULE 4113 | CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request) | HIGH | | 2019/07/01 | DDI RULE 4113 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4113 |
| DDI RULE 4103 | Daemon DD-WRT Unauthenticated RCE Exploit - HTTP (Request) | HIGH | | 2019/06/26 | DDI RULE 4103 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4103 |
| DDI RULE 4104 | Asmax RCE Exploit - HTTP (Request) | HIGH | | 2019/06/26 | DDI RULE 4104 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4104 |
| DDI RULE 2943 | CVE-2013-5758 Yealink VoIP Phone SIP-T38G RCE - HTTP (Request) | HIGH | | 2019/06/26 | DDI RULE 2943 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2943 |
| DDI RULE 2903 | Oracle Weblogic Remote Command Execution Exploit - HTTP (Request) | HIGH | | 2019/06/25 | DDI RULE 2903 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2903 |
| DDI RULE 2871 | possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request) | HIGH | | 2019/06/25 | DDI RULE 2871 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2871 |
| DDI RULE 1184 | possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request) | LOW | | 2019/06/25 | DDI RULE 1184 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1184 |
| DDI RULE 2172 | NULL BYTES - HTTP (Request) | LOW | | 2019/06/24 | DDI RULE 2172 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2172 |
| DDI RULE 2949 | CVE-2013-5948 Asus device Remote code Execution Exploit- HTTP (Request) | HIGH | | 2019/06/24 | DDI RULE 2949 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2949 |
| DDI RULE 4101 | CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) - Variant 2 | HIGH | | 2019/06/24 | DDI RULE 4101 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-4101 |
| DDI RULE 2811 | CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request) | HIGH | | 2019/06/24 | DDI RULE 2811 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2811 |
| DDI RULE 2786 | ThinkPHP 5x Remote Code Execution - HTTP (Request) | HIGH | | 2019/06/24 | DDI RULE 2786 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2786 |
| DDI RULE 2921 | Possible Vulnerable Channel - RDP (Request) - Variant 2 | LOW | | 2019/06/12 | DDI RULE 2921 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2921 |
| DDI RULE 2922 | CVE-2014-6287 Rejetto HttpFileServer RCE Exploit - HTTP (Request) | HIGH | | 2019/06/11 | DDI RULE 2922 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2922 |
| DDI RULE 2898 | Weblogic Unauthenticated RCE Exploit- HTTP (Request) | MEDIUM | | 2019/06/11 | DDI RULE 2898 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2898 |
| DDI RULE 2933 | HIDDENWASP - TCP Connection | HIGH | | 2019/06/11 | DDI RULE 2933 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2933 |
| DDI RULE 2894 | CVE-2019-0192 Apache SOLR RCE Exploit - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2894 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2894 |
| DDI RULE 2895 | CVE-2014-9727 Fritz RCE Exploit - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2895 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2895 |
| DDI RULE 2896 | Fritz RCE Exploit - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2896 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2896 |
| DDI RULE 2874 | ZEROSHELL RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2874 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2874 |
| DDI RULE 2825 | CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2825 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2825 |
| DDI RULE 2858 | CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request) | HIGH | | 2019/06/10 | DDI RULE 2858 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2858 |
| DDI RULE 2638 | CVE-2018-7602 - Remote Code Execution - HTTP (Request) | HIGH | | 2019/06/06 | DDI RULE 2638 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2638 |
| DDI RULE 2884 | CVE-2018-19127 PHPCMS2008 Code Injection - HTTP (Request) | HIGH | | 2019/06/06 | DDI RULE 2884 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2884 |
| DDI RULE 2930 | Possible RIG Exploit Kit - HTTP (Request) | LOW | | 2019/06/06 | DDI RULE 2930 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2930 |
| DDI RULE 2931 | HIDDENWASP - TCP (Request) | HIGH | | 2019/06/06 | DDI RULE 2931 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2931 |
| DDI RULE 2932 | HIDDENWASP - TCP (Response) | HIGH | | 2019/06/06 | DDI RULE 2932 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2932 |
| DDI RULE 3 | Suspicious executable file extension - Variant 2 | HIGH | | 2019/06/06 | DDI RULE 3 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-3 |
| DDI RULE 30 | Email/Instant message containing malicious URL | HIGH | | 2019/06/06 | DDI RULE 30 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-30 |
| DDI RULE 2348 | CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) | HIGH | | 2019/06/06 | DDI RULE 2348 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2348 |
| DDI RULE 2927 | Possible WEBSHELL Command - HTTP (Request) | MEDIUM | | 2019/06/05 | DDI RULE 2927 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2927 |
| DDI RULE 2917 | CVE-2019-3719 Dell Support Assist RCE - HTTP (Request) | HIGH | | 2019/06/05 | DDI RULE 2917 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2917 |
| DDI RULE 2928 | EANVER Webshell - HTTP (Request) | HIGH | | 2019/06/04 | DDI RULE 2928 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2928 |
| DDI RULE 2924 | Possible PHP Admin Bruteforce - HTTP (Request) | LOW | | 2019/06/04 | DDI RULE 2924 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2924 |
| DDI RULE 2925 | HAWKEYE - SMTP (Request) | HIGH | | 2019/06/04 | DDI RULE 2925 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2925 |
| DDI RULE 2926 | WePresent WiPG1000 Command Injection - HTTP (Request) | HIGH | | 2019/06/04 | DDI RULE 2926 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2926 |
| DDI RULE 2132 | NEUTRINO - Exploit Kit - HTTP (Request) - Variant 2 | LOW | | 2019/06/04 | DDI RULE 2132 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2132 |
| DDI RULE 2776 | Possible XML External Entity Attack - HTTP (Response) | MEDIUM | | 2019/06/03 | DDI RULE 2776 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2776 |
| DDI RULE 2923 | BLASQUI Webshell - HTTP (Request) | HIGH | | 2019/05/30 | DDI RULE 2923 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2923 |
| DDI RULE 2920 | JNAP Information Disclosure Attempt - HTTP (Request) | MEDIUM | | 2019/05/29 | DDI RULE 2920 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2920 |
| DDI RULE 2913 | Possible Vulnerable Channel - RDP (Request) | LOW | | 2019/05/23 | DDI RULE 2913 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2913 |
| DDI RULE 2918 | CVE-2018-7841 - SCHNEIDER ELECTRIC - HTTP (Request) | HIGH | | 2019/05/23 | DDI RULE 2918 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2918 |
| DDI RULE 2889 | ANTSWORD - HTTP (Request) | HIGH | | 2019/05/21 | DDI RULE 2889 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2889 |
| DDI RULE 2770 | Possible XML Information Disclosure - HTTP (Response) | HIGH | | 2019/05/21 | DDI RULE 2770 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2770 |
| DDI RULE 2885 | Remote Code Execution - EXPLOIT - HTTP (Request) - Variant 6 | HIGH | | 2019/05/20 | DDI RULE 2885 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2885 |
| DDI RULE 2915 | ASLIROR - HTTP (Request) | HIGH | | 2019/05/20 | DDI RULE 2915 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2915 |
| DDI RULE 2916 | FUNARECHBOT - TCP (Request) | HIGH | | 2019/05/20 | DDI RULE 2916 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2916 |
| DDI RULE 2912 | CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2019/05/20 | DDI RULE 2912 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2912 |
| DDI RULE 2911 | HYPERSHELL - WEBSHELL - HTTP (Request) | HIGH | | 2019/05/15 | DDI RULE 2911 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2911 |
| DDI RULE 2877 | CVE-2019-0232 Apache Tomcat RCE - HTTP (Request) | HIGH | | 2019/05/15 | DDI RULE 2877 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2877 |
| DDI RULE 2908 | CVE-2018-16509 GHOSTSCRIPT UNAUTHENTICATED - HTTP (Request) | HIGH | | 2019/05/13 | DDI RULE 2908 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2908 |
| DDI RULE 2071 | CERBER - Ransomware - UDP | HIGH | | 2019/05/13 | DDI RULE 2071 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2071 |
| DDI RULE 2904 | Possible IE Exploit - HTTP (Response) - Variant 5 | HIGH | | 2019/05/09 | DDI RULE 2904 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2904 |
| DDI RULE 2905 | Possible IE Exploit - HTTP (Response) - Variant 6 | HIGH | | 2019/05/09 | DDI RULE 2905 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2905 |
| DDI RULE 2906 | CVE-2017-8046 - SPRINGDATA - HTTP (Request) | HIGH | | 2019/05/09 | DDI RULE 2906 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2906 |
| DDI RULE 2886 | CVE-2018-1270 - SPRINGDATA - HTTP (Request) | HIGH | | 2019/05/09 | DDI RULE 2886 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2886 |
| DDI RULE 2899 | CVE-2018-1000861 - JENKINS - HTTP (Request) | HIGH | | 2019/05/09 | DDI RULE 2899 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2899 |
| DDI RULE 2901 | CVE-2014-0160 Malformed Heartbeat - SSL (Response) - Variant 2 | MEDIUM | | 2019/05/08 | DDI RULE 2901 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2901 |
| DDI RULE 2902 | SAP Gateway Remote Code Execution Exploit - TCP | MEDIUM | | 2019/05/08 | DDI RULE 2902 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2902 |
| DDI RULE 2900 | Possible PNG Exploit - HTTP (Request) | MEDIUM | | 2019/05/07 | DDI RULE 2900 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2900 |
| DDI RULE 1879 | Possible COREBOT DNS Response | MEDIUM | | 2019/05/07 | DDI RULE 1879 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1879 |
| DDI RULE 2880 | CVE-2019-5418 - RUBY ON RAILS - FILE CONTENT DISCLOSURE - HTTP (Request) | HIGH | | 2019/05/03 | DDI RULE 2880 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2880 |
| DDI RULE 2892 | NAMECOIN - HTTP (Request) | HIGH | | 2019/05/02 | DDI RULE 2892 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2892 |
| DDI RULE 2893 | JEXBOSS - HTTP (Request) | HIGH | | 2019/05/02 | DDI RULE 2893 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2893 |
| DDI RULE 2890 | INFOSTEAL - HTTP (Request) - Variant 5 | HIGH | | 2019/04/30 | DDI RULE 2890 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2890 |
| DDI RULE 2887 | CVE-2019-3396 - ATLASSIAN CONFLUENCE - HTTP (Request) | HIGH | | 2019/04/25 | DDI RULE 2887 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2887 |
| DDI RULE 2888 | FASTJSON Deserialization Exploit - HTTP (Request) | HIGH | | 2019/04/25 | DDI RULE 2888 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2888 |
| DDI RULE 29 | Unregistered sender and recipient domains - Email | LOW | | 2019/04/24 | DDI RULE 29 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-29 |
| DDI RULE 2883 | Possible PUT Header Scanner - HTTP (Response) | LOW | | 2019/04/24 | DDI RULE 2883 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2883 |
| DDI RULE 2881 | HYDRA WEBSHELL - HTTP (Request) | HIGH | | 2019/04/23 | DDI RULE 2881 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2881 |
| DDI RULE 2878 | APT - POORWEB - HTTP (Request) | HIGH | | 2019/04/23 | DDI RULE 2878 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2878 |
| DDI RULE 2879 | IIS - SCANNER - HTTP (Request) | MEDIUM | | 2019/04/22 | DDI RULE 2879 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2879 |
| DDI RULE 2342 | IMEIJ - TCP | HIGH | | 2019/04/18 | DDI RULE 2342 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2342 |
| DDI RULE 2875 | CVE-2011-1966 DNS NAPTR QUERY EXPLOIT - DNS (Response) | HIGH | | 2019/04/17 | DDI RULE 2875 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2875 |
| DDI RULE 2876 | PCASTLE - HTTP (Response) | HIGH | | 2019/04/17 | DDI RULE 2876 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2876 |
| DDI RULE 2600 | CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request) | HIGH | | 2019/04/16 | DDI RULE 2600 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2600 |
| DDI RULE 2872 | XWO - Backdoor - HTTP (Request) | HIGH | | 2019/04/11 | DDI RULE 2872 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2872 |
| DDI RULE 2873 | THINKPHP SQL INJECT Exploit - HTTP (Request) | HIGH | | 2019/04/10 | DDI RULE 2873 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2873 |
| DDI RULE 2869 | CANITMUP - HTTP (Request) | HIGH | | 2019/04/10 | DDI RULE 2869 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2869 |
| DDI RULE 2870 | IPCAMERA - EXPLOIT - RCE - HTTP (Request) | HIGH | | 2019/04/09 | DDI RULE 2870 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2870 |
| DDI RULE 2867 | BELKIN Router - HTTP (Request) - Variant 2 | HIGH | | 2019/04/09 | DDI RULE 2867 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2867 |
| DDI RULE 2868 | ZTE Router - HTTP (Request) - Variant 2 | HIGH | | 2019/04/09 | DDI RULE 2868 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2868 |
| DDI RULE 1645 | Possible Self-Signed SSL certificate detected | MEDIUM | | 2019/04/09 | DDI RULE 1645 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1645 |
| DDI RULE 2526 | NECURS - HTTP (Request) - Variant 2 | HIGH | | 2019/04/09 | DDI RULE 2526 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2526 |
| DDI RULE 2865 | CVE-2018-17173 LG Supersign Remote Code Execution - HTTP (Request) | HIGH | | 2019/04/08 | DDI RULE 2865 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2865 |
| DDI RULE 2866 | MICASAVERDE VERALITE - Remote Code Execution - HTTP (Request) | HIGH | | 2019/04/08 | DDI RULE 2866 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2866 |
| DDI RULE 2816 | PHP DIESCAN - HTTP (Request) | HIGH | | 2019/04/04 | DDI RULE 2816 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2816 |
| DDI RULE 2000 | Metasploit(Payload) - Reverse DLL Inject - TCP (Response) | HIGH | | 2019/04/04 | DDI RULE 2000 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2000 |
| DDI RULE 2863 | PHP DASHBOARD SQLINJECT - HTTP (Request) | HIGH | | 2019/04/03 | DDI RULE 2863 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2863 |
| DDI RULE 2864 | CVE-2018-1149 NUUO NVRMini2 BufferOverflow - HTTP (Request) | HIGH | | 2019/04/03 | DDI RULE 2864 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2864 |
| DDI RULE 2860 | Belking Wemo UPnP RCE Exploit - HTTP (Request) | HIGH | | 2019/04/02 | DDI RULE 2860 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2860 |
| DDI RULE 2859 | Possible SPELEVO - Exploit Kit -HTTP (Response) | HIGH | | 2019/03/28 | DDI RULE 2859 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2859 |
| DDI RULE 2862 | MARSATORMIN - HTTP (Request) | HIGH | | 2019/03/28 | DDI RULE 2862 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2862 |
| DDI RULE 2856 | DLINK Command Injection Exploit - HTTP (Request) - Variant 3 | HIGH | | 2019/03/28 | DDI RULE 2856 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2856 |
| DDI RULE 2853 | NETGEAR DGN2200v1/v2/v3/v4 - CVE-2017-6334 - Remote Code Execution - HTTP (Request) | LOW | | 2019/03/27 | DDI RULE 2853 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2853 |
| DDI RULE 2854 | LINKSYS_WRT110 - CVE-2013-3568 - Remote Code Execution - HTTP (Request) | LOW | | 2019/03/27 | DDI RULE 2854 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2854 |
| DDI RULE 2840 | NETCOMMWIRELESS - CVE-2015-6023 - CVE-2015-6024 - Remote Code Execution - HTTP (Request) | LOW | | 2019/03/27 | DDI RULE 2840 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2840 |
| DDI RULE 2839 | ZTE F460 F660 - Remote Code Execution - HTTP (Request) | HIGH | | 2019/03/26 | DDI RULE 2839 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2839 |
| DDI RULE 2855 | Netgear Prosafe RCE Exploit - HTTP (Request) | HIGH | | 2019/03/26 | DDI RULE 2855 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2855 |
| DDI RULE 2857 | DLINK 930L RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/03/26 | DDI RULE 2857 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2857 |
| DDI RULE 2828 | Zyxel - Remote Code Execution - HTTP (Request) | HIGH | | 2019/03/26 | DDI RULE 2828 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2828 |
| DDI RULE 2829 | Zyxel - Command Injection - HTTP (Request) | HIGH | | 2019/03/20 | DDI RULE 2829 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2829 |
| DDI RULE 2830 | Billion-5200W-T - Command Injection - HTTP (Request) | HIGH | | 2019/03/20 | DDI RULE 2830 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2830 |
| DDI RULE 2831 | Billion 5200W-T - Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2019/03/20 | DDI RULE 2831 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2831 |
| DDI RULE 2852 | DOC File downloaded in root directory - HTTP (Response) | HIGH | | 2019/03/20 | DDI RULE 2852 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2852 |
| DDI RULE 2841 | 3COM - Remote Code Execution - HTTP (Request) | HIGH | | 2019/03/20 | DDI RULE 2841 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2841 |
| DDI RULE 1631 | Remote Schedule Tasks through SMB protocol detected - Create Command | LOW | | 2019/03/20 | DDI RULE 1631 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1631 |
| DDI RULE 1632 | Remote Schedule Tasks through SMB protocol detected - Run Command | LOW | | 2019/03/20 | DDI RULE 1632 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1632 |
| DDI RULE 1633 | Remote Schedule Tasks through SMB protocol detected - Delete Command | LOW | | 2019/03/20 | DDI RULE 1633 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1633 |
| DDI RULE 1763 | STRPADT - HTTP (Request) | HIGH | | 2019/03/19 | DDI RULE 1763 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1763 |
| DDI RULE 2849 | CVE-2019-9194-HTTP RCE - ELFINDER (Request) | HIGH | | 2019/03/19 | DDI RULE 2849 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2849 |
| DDI RULE 2850 | CHWRITER - HTTP (Request) | HIGH | | 2019/03/19 | DDI RULE 2850 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2850 |
| DDI RULE 2851 | MAKO WEB SERVER - Command Injection - HTTP (Request) | HIGH | | 2019/03/19 | DDI RULE 2851 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2851 |
| DDI RULE 2710 | FLAWEDAMMYY - TCP (Request) | HIGH | | 2019/03/18 | DDI RULE 2710 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2710 |
| DDI RULE 2400 | Remote Enumerate Registry through SMB protocol detected | LOW | | 2019/03/18 | DDI RULE 2400 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2400 |
| DDI RULE 2401 | Remote Read Registry through SMB protocol detected | LOW | | 2019/03/18 | DDI RULE 2401 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2401 |
| DDI RULE 2415 | Remote Delete Registry through SMB protocol detected | LOW | | 2019/03/18 | DDI RULE 2415 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2415 |
| DDI RULE 2068 | DRIDEX - SSL (Request) | HIGH | | 2019/03/13 | DDI RULE 2068 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2068 |
| DDI RULE 2848 | INFOSTEAL - HTTP (Request) - Variant 4 | HIGH | | 2019/03/13 | DDI RULE 2848 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2848 |
| DDI RULE 2834 | CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2019/03/12 | DDI RULE 2834 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2834 |
| DDI RULE 2780 | TRICKBOT - HTTP (Request) | HIGH | | 2019/03/12 | DDI RULE 2780 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2780 |
| DDI RULE 2847 | INFOSTEAL - FTP (Request) | HIGH | | 2019/03/11 | DDI RULE 2847 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2847 |
| DDI RULE 2844 | RIG - Exploit Kit - HTTP (Request) - Variant 2 | HIGH | | 2019/03/11 | DDI RULE 2844 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2844 |
| DDI RULE 1535 | ZACOM - HTTP (Request) | HIGH | | 2019/03/11 | DDI RULE 1535 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1535 |
| DDI RULE 1195 | Remote Add Job through SMB Protocol Detected | LOW | | 2019/03/11 | DDI RULE 1195 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1195 |
| DDI RULE 1196 | Remote Delete Job through SMB Detected | MEDIUM | | 2019/03/11 | DDI RULE 1196 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1196 |
| DDI RULE 12 | Archive file containing file with double extension | MEDIUM | | 2019/03/11 | DDI RULE 12 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-12 |
| DDI RULE 2408 | Remote Enumerate Job through SMB protocol detected | LOW | | 2019/03/11 | DDI RULE 2408 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2408 |
| DDI RULE 2352 | CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2 | HIGH | | 2019/03/11 | DDI RULE 2352 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2352 |
| DDI RULE 2845 | Possible PDF in Chrome Information Disclosure - HTTP (Request) | MEDIUM | | 2019/03/07 | DDI RULE 2845 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2845 |
| DDI RULE 2826 | JBOSS Webshell - HTTP (Request) | HIGH | | 2019/03/06 | DDI RULE 2826 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2826 |
| DDI RULE 2819 | FASTGATE - Command Injection - HTTP (Request) | HIGH | | 2019/03/06 | DDI RULE 2819 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2819 |
| DDI RULE 2814 | JOOMLA - HTTP (Request) | HIGH | | 2019/03/05 | DDI RULE 2814 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2814 |
| DDI RULE 2791 | EMPIRE - HTTP (Request) - Variant 2 | MEDIUM | | 2019/03/05 | DDI RULE 2791 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2791 |
| DDI RULE 2836 | CVE-2017-0171 - Denial of Service - DNS (Response) | MEDIUM | | 2019/03/05 | DDI RULE 2836 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2836 |
| DDI RULE 2837 | CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request) | MEDIUM | | 2019/03/05 | DDI RULE 2837 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2837 |
| DDI RULE 2842 | CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/03/05 | DDI RULE 2842 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2842 |
| DDI RULE 2843 | ZHONE XSS Exploit - HTTP (Request) | HIGH | | 2019/03/05 | DDI RULE 2843 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2843 |
| DDI RULE 2838 | SPEAKUP - HTTP (Request) | HIGH | | 2019/03/04 | DDI RULE 2838 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2838 |
| DDI RULE 2835 | CVE-2016-3088 ACTIVEMQ - HTTP (Request) | HIGH | | 2019/03/04 | DDI RULE 2835 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2835 |
| DDI RULE 2806 | CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request) | HIGH | | 2019/03/04 | DDI RULE 2806 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2806 |
| DDI RULE 2820 | Hootoo HT5 Remote code Execution - HTTP (Request) | HIGH | | 2019/03/04 | DDI RULE 2820 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2820 |
| DDI RULE 2833 | CVE-2019-6340 Drupal 8 RESTful Web Services Remote Code Execution - HTTP (Request) | HIGH | | 2019/03/04 | DDI RULE 2833 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2833 |
| DDI RULE 2823 | CKNIFE - HTTP (Request) - Variant 2 | HIGH | | 2019/02/21 | DDI RULE 2823 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2823 |
| DDI RULE 2824 | CVE-2015-2280 AirLink OS Command Injection - HTTP (Request) | HIGH | | 2019/02/21 | DDI RULE 2824 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2824 |
| DDI RULE 2822 | RATBLAMIK - TCP (Request) | HIGH | | 2019/02/20 | DDI RULE 2822 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2822 |
| DDI RULE 2821 | NEUTRINO - HTTP (Response) | MEDIUM | | 2019/02/19 | DDI RULE 2821 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2821 |
| DDI RULE 2385 | SOAP RCE EXPLOIT - HTTP (Request) | HIGH | | 2019/02/14 | DDI RULE 2385 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2385 |
| DDI RULE 2224 | Covert Iodine tunnel - DNS (Request) | LOW | | 2019/02/12 | DDI RULE 2224 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2224 |
| DDI RULE 2795 | Unauthorized Write Request - DNP3 (Request) | LOW | | 2019/02/11 | DDI RULE 2795 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2795 |
| DDI RULE 2796 | Unauthorized Broadcast Request - DNP3 (Request) | LOW | | 2019/02/11 | DDI RULE 2796 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2796 |
| DDI RULE 2797 | Possible Denial of Service - DNP3 (Request) | LOW | | 2019/02/11 | DDI RULE 2797 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2797 |
| DDI RULE 2798 | Unauthorized Read Request - DNP3 (Request) | LOW | | 2019/02/11 | DDI RULE 2798 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2798 |
| DDI RULE 2799 | Possible Scan of Points List - DNP3 (Response) Beta | LOW | | 2019/02/11 | DDI RULE 2799 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2799 |
| DDI RULE 28 | Unregistered service running on non-standard port | LOW | | 2019/02/11 | DDI RULE 28 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-28 |
| DDI RULE 2800 | Possible Scan of Outstation - DNP3 (Response) Beta | LOW | | 2019/02/11 | DDI RULE 2800 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2800 |
| DDI RULE 2801 | Multiple Unsolicited Response - DNP3 (Response) Beta | LOW | | 2019/02/11 | DDI RULE 2801 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2801 |
| DDI RULE 2807 | TEAMFOSTEALER - HTTP (Request) | HIGH | | 2019/02/07 | DDI RULE 2807 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2807 |
| DDI RULE 2812 | CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Request) | MEDIUM | | 2019/02/07 | DDI RULE 2812 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2812 |
| DDI RULE 2813 | CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Response) | HIGH | | 2019/02/07 | DDI RULE 2813 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2813 |
| DDI RULE 2810 | CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request) | MEDIUM | | 2019/02/07 | DDI RULE 2810 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2810 |
| DDI RULE 2209 | NEUTRINO - Exploit Kit - HTTP (Request) - Variant 5 | MEDIUM | | 2019/02/06 | DDI RULE 2209 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2209 |
| DDI RULE 1562 | DARKHOLE - HTTP (Request) - Variant 2 | HIGH | | 2019/02/06 | DDI RULE 1562 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1562 |
| DDI RULE 2817 | KEYPATH Command Injection - HTTP (Request) | HIGH | | 2019/02/05 | DDI RULE 2817 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2817 |
| DDI RULE 2818 | SERVHELPER - HTTP (Request) | HIGH | | 2019/02/05 | DDI RULE 2818 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2818 |
| DDI RULE 2815 | SIEREN - TCP(Request) | HIGH | | 2019/01/31 | DDI RULE 2815 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2815 |
| DDI RULE 2306 | KVNDM - HTTP (Request) | HIGH | | 2019/01/30 | DDI RULE 2306 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2306 |
| DDI RULE 2808 | FALLOUT - Exploit Kit - HTTP (Response) - Variant 3 | MEDIUM | | 2019/01/29 | DDI RULE 2808 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2808 |
| DDI RULE 2802 | Oracle Weblogic Exploit - HTTP (Request) | HIGH | | 2019/01/23 | DDI RULE 2802 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2802 |
| DDI RULE 2803 | Link-Net LW-N605R Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2019/01/23 | DDI RULE 2803 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2803 |
| DDI RULE 2804 | Possible Router Exploit Kit - HTTP (Response) | HIGH | | 2019/01/23 | DDI RULE 2804 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2804 |
| DDI RULE 2805 | CVE-2019-0547 Client Remote Code Execution Exploit - DHCP (Response) | MEDIUM | | 2019/01/23 | DDI RULE 2805 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2805 |
| DDI RULE 1871 | DRIDEX - HTTP (Request) - Variant 3 | HIGH | | 2019/01/23 | DDI RULE 1871 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1871 |
| DDI RULE 2143 | SQLINJECT - HTTP (Request) | LOW | | 2019/01/22 | DDI RULE 2143 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2143 |
| DDI RULE 2793 | APT - WINNTI - HTTP (Response) | HIGH | | 2019/01/21 | DDI RULE 2793 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2793 |
| DDI RULE 2794 | RIG - Exploit Kit - HTTP (Request) - Variant 7 | HIGH | | 2019/01/17 | DDI RULE 2794 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2794 |
| DDI RULE 2520 | MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4 | HIGH | | 2019/01/17 | DDI RULE 2520 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2520 |
| DDI RULE 1549 | APT - WINNTI - HTTP (Request) | HIGH | | 2019/01/14 | DDI RULE 1549 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1549 |
| DDI RULE 2792 | APT - KONNI - HTTP (Request) | HIGH | | 2019/01/09 | DDI RULE 2792 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2792 |
| DDI RULE 2144 | NEUTRINO - Exploit Kit - HTTP (Request) - Variant 3 | MEDIUM | | 2019/01/03 | DDI RULE 2144 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2144 |
| DDI RULE 2789 | CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response) | MEDIUM | | 2018/12/27 | DDI RULE 2789 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2789 |
| DDI RULE 2790 | APT - WILDPOSITRON - HTTP (Request) | HIGH | | 2018/12/26 | DDI RULE 2790 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2790 |
| DDI RULE 1229 | ALINA HTTP request - Variant 1 | HIGH | | 2018/12/26 | DDI RULE 1229 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1229 |
| DDI RULE 2787 | CRISISHT - HTTP (Request) | MEDIUM | | 2018/12/20 | DDI RULE 2787 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2787 |
| DDI RULE 2788 | CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request) | MEDIUM | | 2018/12/20 | DDI RULE 2788 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2788 |
| DDI RULE 2784 | Ncrack/Hydra Brute Force Tool - RDP(Request) | HIGH | | 2018/12/19 | DDI RULE 2784 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2784 |
| DDI RULE 2785 | L0RDIX - HTTP (Request) | MEDIUM | | 2018/12/18 | DDI RULE 2785 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2785 |
| DDI RULE 2397 | STONEDRILL - HTTP (Request) - Variant 2 | HIGH | | 2018/12/18 | DDI RULE 2397 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2397 |
| DDI RULE 2779 | DNSpoinage DNS - (Response) | HIGH | | 2018/12/12 | DDI RULE 2779 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2779 |
| DDI RULE 2782 | TILDEB - TCP (Request) | MEDIUM | | 2018/12/11 | DDI RULE 2782 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2782 |
| DDI RULE 2081 | CRYPTEAR - Ransomware - HTTP (Request) | HIGH | | 2018/12/11 | DDI RULE 2081 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2081 |
| DDI RULE 2418 | Suspicious file rename - SMB (Request) | HIGH | | 2018/12/04 | DDI RULE 2418 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2418 |
| DDI RULE 2420 | Shodan Internet Scan - Malware Hunter C&C Server Scan | LOW | | 2018/12/04 | DDI RULE 2420 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2420 |
| DDI RULE 2421 | Shodan Internet Scan - Possible Exposed Device/Service | LOW | | 2018/12/04 | DDI RULE 2421 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2421 |
| DDI RULE 2442 | Possible PsExec PETYA - Ransomware - SMB | MEDIUM | | 2018/12/04 | DDI RULE 2442 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2442 |
| DDI RULE 1214 | BAYROB - HTTP (Request) | MEDIUM | | 2018/11/28 | DDI RULE 1214 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1214 |
| DDI RULE 2731 | KAIXIN - Exploit Kit - HTTP (Response) - Variant 5 | HIGH | | 2018/11/22 | DDI RULE 2731 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2731 |
| DDI RULE 2777 | Apache Struts File Upload - HTTP (Request) | HIGH | | 2018/11/21 | DDI RULE 2777 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2777 |
| DDI RULE 2778 | ZTE ZXV10 Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/11/21 | DDI RULE 2778 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2778 |
| DDI RULE 2775 | DOCKER API - HTTP (Request) | HIGH | | 2018/11/21 | DDI RULE 2775 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2775 |
| DDI RULE 2621 | Remote Code Execution - HTTP (Request) | HIGH | | 2018/11/21 | DDI RULE 2621 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2621 |
| DDI RULE 2771 | APT - POISONIVY - HTTP (Request) | HIGH | | 2018/11/20 | DDI RULE 2771 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2771 |
| DDI RULE 2772 | APT - GHOST - TCP (Request) | HIGH | | 2018/11/20 | DDI RULE 2772 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2772 |
| DDI RULE 2774 | APT - POWLOADR - HTTP (Request) | HIGH | | 2018/11/20 | DDI RULE 2774 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2774 |
| DDI RULE 2713 | AVTECH Command Injection Exploit - HTTP (Request) | HIGH | | 2018/11/20 | DDI RULE 2713 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2713 |
| DDI RULE 2474 | APT - PLEAD - TCP (Request) | HIGH | | 2018/11/20 | DDI RULE 2474 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2474 |
| DDI RULE 2494 | APT - ANEL - HTTP (Request) | HIGH | | 2018/11/20 | DDI RULE 2494 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2494 |
| DDI RULE 2716 | BINBASH Download - HTTP (Response) | HIGH | | 2018/11/12 | DDI RULE 2716 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2716 |
| DDI RULE 2765 | GZ Inflate in PHP File - HTTP (Response) | LOW | | 2018/11/12 | DDI RULE 2765 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2765 |
| DDI RULE 2766 | Possible WINBOX Remote Code Execution - TCP | MEDIUM | | 2018/11/12 | DDI RULE 2766 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2766 |
| DDI RULE 2767 | Window Shell Remote Code Execution - HTTP (Response) | HIGH | | 2018/11/12 | DDI RULE 2767 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2767 |
| DDI RULE 2768 | DLINK Router Dns Changer Exploit - HTTP (Request) | HIGH | | 2018/11/12 | DDI RULE 2768 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2768 |
| DDI RULE 277 | AUTORUN - HTTP (Response) - Variant 2 | HIGH | | 2018/11/12 | DDI RULE 277 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-277 |
| DDI RULE 2764 | Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response) | MEDIUM | | 2018/11/08 | DDI RULE 2764 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2764 |
| DDI RULE 2763 | Possible CVE-2018-15454 - Cisco ASA and FTD Software DOS - UDP (Response) | LOW | | 2018/11/07 | DDI RULE 2763 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2763 |
| DDI RULE 2762 | CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request) | HIGH | | 2018/11/06 | DDI RULE 2762 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2762 |
| DDI RULE 2756 | Possible ADWIND - Malicious Certificate - HTTPS (Response) | LOW | | 2018/11/06 | DDI RULE 2756 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2756 |
| DDI RULE 2007 | URSNIF - HTTP (Request) - Variant 3 | HIGH | | 2018/11/06 | DDI RULE 2007 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2007 |
| DDI RULE 2759 | UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2 | HIGH | | 2018/10/30 | DDI RULE 2759 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2759 |
| DDI RULE 2760 | DRIDEX - Malicious certificate - SSL - Variant 2 | HIGH | | 2018/10/30 | DDI RULE 2760 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2760 |
| DDI RULE 2761 | URSNIF - HTTP (Request) - Variant 6 | HIGH | | 2018/10/30 | DDI RULE 2761 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2761 |
| DDI RULE 2632 | GRAVITYRAT - HTTP (Request) | HIGH | | 2018/10/29 | DDI RULE 2632 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2632 |
| DDI RULE 1170 | ANDROMEDA - HTTP (Request) | HIGH | | 2018/10/25 | DDI RULE 1170 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1170 |
| DDI RULE 2757 | ELF File requested from root directory - HTTP (Response) | HIGH | | 2018/10/22 | DDI RULE 2757 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2757 |
| DDI RULE 2758 | GZ File requested from root directory - HTTP (Request) | HIGH | | 2018/10/22 | DDI RULE 2758 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2758 |
| DDI RULE 2724 | CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response) | MEDIUM | | 2018/10/08 | DDI RULE 2724 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2724 |
| DDI RULE 2726 | CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request) | HIGH | | 2018/10/04 | DDI RULE 2726 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2726 |
| DDI RULE 2754 | EnGenius EnShare Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/10/03 | DDI RULE 2754 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2754 |
| DDI RULE 2755 | CVE-2017-6884 Zyxel OS Command Injection Exploit - HTTP (Request) | MEDIUM | | 2018/10/03 | DDI RULE 2755 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2755 |
| DDI RULE 2692 | LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/10/03 | DDI RULE 2692 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2692 |
| DDI RULE 2544 | JAWS Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/10/03 | DDI RULE 2544 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2544 |
| DDI RULE 2723 | MAGNITUDE - Exploit Kit - HTTP (Response) | HIGH | | 2018/10/02 | DDI RULE 2723 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2723 |
| DDI RULE 2753 | FALLOUT - Exploit Kit - HTTP (Request) | MEDIUM | | 2018/10/01 | DDI RULE 2753 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2753 |
| DDI RULE 2623 | Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2018/10/01 | DDI RULE 2623 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2623 |
| DDI RULE 2736 | ANTAK Webshell - HTTP (Request) | MEDIUM | | 2018/09/27 | DDI RULE 2736 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2736 |
| DDI RULE 2749 | Possible IE Exploit - HTTP (Response) - Variant 4 | LOW | | 2018/09/27 | DDI RULE 2749 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2749 |
| DDI RULE 2750 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/09/27 | DDI RULE 2750 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2750 |
| DDI RULE 2751 | Remote Command Shell - TCP | HIGH | | 2018/09/27 | DDI RULE 2751 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2751 |
| DDI RULE 2752 | Remote PowerShell - TCP | HIGH | | 2018/09/27 | DDI RULE 2752 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2752 |
| DDI RULE 2734 | TUNNA Webshell - HTTP (Request) | LOW | | 2018/09/24 | DDI RULE 2734 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2734 |
| DDI RULE 2735 | TUNNA Webshell - HTTP (Request) - Variant 2 | MEDIUM | | 2018/09/24 | DDI RULE 2735 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2735 |
| DDI RULE 2728 | NUUO Command Injection - HTTP (Request) | HIGH | | 2018/09/17 | DDI RULE 2728 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2728 |
| DDI RULE 2746 | BLUEBANANA - TCP (Request) | HIGH | | 2018/09/13 | DDI RULE 2746 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2746 |
| DDI RULE 2747 | IE Exploit - HTTP (Response) | HIGH | | 2018/09/13 | DDI RULE 2747 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2747 |
| DDI RULE 2748 | Possible IE Exploit - HTTP (Response) - Variant 3 | LOW | | 2018/09/13 | DDI RULE 2748 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2748 |
| DDI RULE 2745 | CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/09/12 | DDI RULE 2745 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2745 |
| DDI RULE 2732 | CVE-2009-3103 - Remote Code Execution - SMB2 | HIGH | | 2018/09/04 | DDI RULE 2732 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2732 |
| DDI RULE 2167 | ALFA - Ransomware - HTTP (Request) | HIGH | | 2018/09/04 | DDI RULE 2167 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2167 |
| DDI RULE 2714 | KAIXIN - Exploit Kit - HTTP (Request) - Variant 2 | HIGH | | 2018/09/03 | DDI RULE 2714 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2714 |
| DDI RULE 2730 | OMRON FINS TCP Read Controller Attempt NSE - TCP (Request) | LOW | | 2018/08/30 | DDI RULE 2730 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2730 |
| DDI RULE 475 | PALEVO - UDP - Variant 2 | MEDIUM | | 2018/08/30 | DDI RULE 475 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-475 |
| DDI RULE 48 | Query of a non-trusted domain mail exchanger using the host's DNS A record | LOW | | 2018/08/30 | DDI RULE 48 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-48 |
| DDI RULE 49 | Session using standard port - IRC | LOW | | 2018/08/30 | DDI RULE 49 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-49 |
| DDI RULE 5 | Executable file name with multiple consecutive spaces | HIGH | | 2018/08/30 | DDI RULE 5 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-5 |
| DDI RULE 50 | Host DNS MX record query of a trusted domain | LOW | | 2018/08/30 | DDI RULE 50 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-50 |
| DDI RULE 51 | Malware-related subject and executable file - Email | LOW | | 2018/08/30 | DDI RULE 51 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-51 |
| DDI RULE 52 | Unregistered mail server - Email | LOW | | 2018/08/30 | DDI RULE 52 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-52 |
| DDI RULE 54 | Archive file containing packed executable file - Email | HIGH | | 2018/08/30 | DDI RULE 54 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-54 |
| DDI RULE 542 | SYKIPOT - Server certificate - SSL | HIGH | | 2018/08/30 | DDI RULE 542 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-542 |
| DDI RULE 55 | File name with multiple consecutive spaces and executable extension | HIGH | | 2018/08/30 | DDI RULE 55 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-55 |
| DDI RULE 2729 | Possible IE Exploit - HTTP (Response) - Variant 2 | LOW | | 2018/08/29 | DDI RULE 2729 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2729 |
| DDI RULE 2005 | Possible EDELLROOT certificate detected | HIGH | | 2018/08/29 | DDI RULE 2005 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2005 |
| DDI RULE 2011 | UPATRE - HTTP (Request) - Variant 3 | HIGH | | 2018/08/29 | DDI RULE 2011 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2011 |
| DDI RULE 1128 | BANLOAD - HTTP (Request) | HIGH | | 2018/08/29 | DDI RULE 1128 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1128 |
| DDI RULE 1155 | BITCOIN - HTTP (Request) | HIGH | | 2018/08/29 | DDI RULE 1155 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1155 |
| DDI RULE 1663 | CRAZYK - HTTP (Request) | HIGH | | 2018/08/29 | DDI RULE 1663 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1663 |
| DDI RULE 2416 | DETOXCRYPTO - Ransomware - HTTP (Request) | HIGH | | 2018/08/29 | DDI RULE 2416 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2416 |
| DDI RULE 2413 | TRICKBOT - HTTP (Request) | HIGH | | 2018/08/29 | DDI RULE 2413 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2413 |
| DDI RULE 2725 | Reverse Meterpreter - HTTP (Response) | HIGH | | 2018/08/22 | DDI RULE 2725 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2725 |
| DDI RULE 2711 | UNDERMINER - Exploit Kit - HTTP (Response) | HIGH | | 2018/08/22 | DDI RULE 2711 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2711 |
| DDI RULE 2698 | APT - WATERHOLE - HTTP (Request) - Variant 2 | HIGH | | 2018/08/22 | DDI RULE 2698 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2698 |
| DDI RULE 2672 | CKNIFE - HTTP (Request) | HIGH | | 2018/08/22 | DDI RULE 2672 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2672 |
| DDI RULE 2676 | PHP Webshell - HTTP (Request) - Variant 2 | HIGH | | 2018/08/20 | DDI RULE 2676 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2676 |
| DDI RULE 27 | Host DNS Mx record query of a non-trusted domain | LOW | | 2018/08/20 | DDI RULE 27 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-27 |
| DDI RULE 2690 | JSPSPY Webshell - HTTP (Request) | HIGH | | 2018/08/20 | DDI RULE 2690 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2690 |
| DDI RULE 2719 | WebScript Injection - HTTP (Request) | MEDIUM | | 2018/08/13 | DDI RULE 2719 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2719 |
| DDI RULE 2720 | CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request) | MEDIUM | | 2018/08/13 | DDI RULE 2720 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2720 |
| DDI RULE 1552 | APT - HAVEX - HTTP (Request) | HIGH | | 2018/08/13 | DDI RULE 1552 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1552 |
| DDI RULE 1577 | APT - PLUGX - HTTP (Request) - Variant 6 | HIGH | | 2018/08/13 | DDI RULE 1577 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1577 |
| DDI RULE 1583 | APT - HCOREPWSTL - HTTP (Request) | HIGH | | 2018/08/13 | DDI RULE 1583 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1583 |
| DDI RULE 1347 | APT - Possible SIMBOT - HTTP (Request) - Variant 3 | MEDIUM | | 2018/08/13 | DDI RULE 1347 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1347 |
| DDI RULE 1415 | APT - Possible POISONIVY - TCP (Request) | MEDIUM | | 2018/08/13 | DDI RULE 1415 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1415 |
| DDI RULE 1460 | A privileged user account attempted to log on to the Remote Desktop server during non-working hours | HIGH | | 2018/08/13 | DDI RULE 1460 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1460 |
| DDI RULE 272 | AUTORUN - HTTP (Request) - Variant 6 | HIGH | | 2018/08/09 | DDI RULE 272 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-272 |
| DDI RULE 2717 | KAIXIN - Exploit Kit - HTTP (Request) - Variant 3 | HIGH | | 2018/08/09 | DDI RULE 2717 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2717 |
| DDI RULE 2718 | S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request) | LOW | | 2018/08/09 | DDI RULE 2718 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2718 |
| DDI RULE 2715 | MINER CONFIG - HTTP (Response) | HIGH | | 2018/08/07 | DDI RULE 2715 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2715 |
| DDI RULE 2384 | Possible EQUATED - Remote Code Execution - SMB (Request) | LOW | | 2018/08/07 | DDI RULE 2384 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2384 |
| DDI RULE 2390 | EQUATED - SMB (Response) | HIGH | | 2018/08/07 | DDI RULE 2390 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2390 |
| DDI RULE 2429 | EQUATED - Exploit Attempt - SMB (Response) | HIGH | | 2018/08/07 | DDI RULE 2429 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2429 |
| DDI RULE 1087 | APT - FASWIK - TCP (Request) | HIGH | | 2018/08/06 | DDI RULE 1087 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1087 |
| DDI RULE 1069 | APT - Possible GHOSTRAT - TCP | MEDIUM | | 2018/08/06 | DDI RULE 1069 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1069 |
| DDI RULE 1076 | file dropped on a network administrative share | LOW | | 2018/08/06 | DDI RULE 1076 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1076 |
| DDI RULE 1257 | APT - CRIDEX - HTTP (Request) - Variant 3 | HIGH | | 2018/08/06 | DDI RULE 1257 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1257 |
| DDI RULE 1300 | APT - FARFLI - HTTP (Request) | HIGH | | 2018/08/06 | DDI RULE 1300 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1300 |
| DDI RULE 1306 | SMB or SMB2 PE file Upload to non-administrative share folder detected | MEDIUM | | 2018/08/06 | DDI RULE 1306 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1306 |
| DDI RULE 1307 | SMB or SMB2 PE file Upload detected | MEDIUM | | 2018/08/06 | DDI RULE 1307 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1307 |
| DDI RULE 1303 | APT - Possible BLYPT - HTTP (Request) | MEDIUM | | 2018/08/06 | DDI RULE 1303 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1303 |
| DDI RULE 1310 | SMB CreateService request detected | LOW | | 2018/08/06 | DDI RULE 1310 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1310 |
| DDI RULE 1311 | SMB DeleteService request detected | LOW | | 2018/08/06 | DDI RULE 1311 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1311 |
| DDI RULE 1318 | File Download From known CNC Server detected | MEDIUM | | 2018/08/06 | DDI RULE 1318 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1318 |
| DDI RULE 2709 | CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response) | HIGH | | 2018/07/30 | DDI RULE 2709 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2709 |
| DDI RULE 2704 | Web Security Testing Tool - HTTP (Request) - Variant 2 | HIGH | | 2018/07/26 | DDI RULE 2704 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2704 |
| DDI RULE 2705 | Android Debug Bridge Remote Code Execution - TCP (Request) | HIGH | | 2018/07/26 | DDI RULE 2705 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2705 |
| DDI RULE 2706 | OSTAP - HTTP (Request) | HIGH | | 2018/07/26 | DDI RULE 2706 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2706 |
| DDI RULE 2707 | DLINK Command Injection Exploit - HTTP (Request) - Variant 2 | HIGH | | 2018/07/26 | DDI RULE 2707 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2707 |
| DDI RULE 2708 | SENDOOREOF - UDP (Request) | HIGH | | 2018/07/26 | DDI RULE 2708 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2708 |
| DDI RULE 2629 | Possible WEBLOGIC T3 RCE Exploit - TCP (Request) | MEDIUM | | 2018/07/26 | DDI RULE 2629 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2629 |
| DDI RULE 2626 | CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request) | HIGH | | 2018/07/25 | DDI RULE 2626 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2626 |
| DDI RULE 2702 | Host Discovery - UDP (Request) | LOW | | 2018/07/24 | DDI RULE 2702 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2702 |
| DDI RULE 1242 | APT - XTREME - HTTP (Request) | HIGH | | 2018/07/24 | DDI RULE 1242 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1242 |
| DDI RULE 1245 | APT - TROJAN TCP Request | HIGH | | 2018/07/24 | DDI RULE 1245 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1245 |
| DDI RULE 1174 | APT - MALEX - HTTP (Request) | HIGH | | 2018/07/24 | DDI RULE 1174 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1174 |
| DDI RULE 1021 | APT - Possible POISONIVY - TCP (Response) - Variant 2 | MEDIUM | | 2018/07/24 | DDI RULE 1021 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1021 |
| DDI RULE 2701 | Possible EMOTET - HTTP (Response) - Variant 3 | HIGH | | 2018/07/18 | DDI RULE 2701 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2701 |
| DDI RULE 2666 | CVE-2017-7529 NGINX Integer Overflow Exploit Attempt HTTP (Request) | MEDIUM | | 2018/07/18 | DDI RULE 2666 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2666 |
| DDI RULE 2700 | Possible WEBSHELL - HTTP (Request) | HIGH | | 2018/07/17 | DDI RULE 2700 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2700 |
| DDI RULE 2699 | CVE-2016-10134 - Zabbix SQL Injection - HTTP (Request) | MEDIUM | | 2018/07/17 | DDI RULE 2699 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2699 |
| DDI RULE 2584 | POSGERAT Data Exfiltration - DNS (Response) | LOW | | 2018/07/17 | DDI RULE 2584 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2584 |
| DDI RULE 1885 | Possible Data Exfiltration - DNS (Response) | LOW | | 2018/07/17 | DDI RULE 1885 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1885 |
| DDI RULE 1618 | CVE-2014-6271 - Shellshock HTTP Request | HIGH | | 2018/07/16 | DDI RULE 1618 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1618 |
| DDI RULE 1078 | Possible TOR node certificate detected | MEDIUM | | 2018/07/11 | DDI RULE 1078 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1078 |
| DDI RULE 108 | Data-stealing malware | LOW | | 2018/07/11 | DDI RULE 108 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-108 |
| DDI RULE 2694 | CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request) | HIGH | | 2018/07/11 | DDI RULE 2694 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2694 |
| DDI RULE 2695 | CVE-2018-3606 TMCM SQL Injection Exploit - HTTP (Request) | HIGH | | 2018/07/11 | DDI RULE 2695 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2695 |
| DDI RULE 2696 | CVE-2018-0296 CISCO ASA Path Traversal Exploit - HTTP (Request) | HIGH | | 2018/07/11 | DDI RULE 2696 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2696 |
| DDI RULE 2697 | NUKESPED - TCP (Response) - Variant 2 | MEDIUM | | 2018/07/11 | DDI RULE 2697 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2697 |
| DDI RULE 2693 | CVE-2015-5254 - ActiveMQ Deserialization Vulnerability | HIGH | | 2018/07/10 | DDI RULE 2693 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2693 |
| DDI RULE 2689 | CVE-2016-4438 - Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2018/07/03 | DDI RULE 2689 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2689 |
| DDI RULE 1886 | Data Exfiltration - DNS (Response) | LOW | | 2018/07/03 | DDI RULE 1886 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-1886 |
| DDI RULE 2349 | Possible MIRAI - TCP (Request) | HIGH | | 2018/07/03 | DDI RULE 2349 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2349 |
| DDI RULE 2507 | Unauthorized TESTFR IEC-104 Request | HIGH | | 2018/06/28 | DDI RULE 2507 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2507 |
| DDI RULE 2508 | Unauthorized STARTDT IEC-104 Request | HIGH | | 2018/06/28 | DDI RULE 2508 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2508 |
| DDI RULE 2509 | Unauthorized STOPDT IEC-104 Request | HIGH | | 2018/06/28 | DDI RULE 2509 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2509 |
| DDI RULE 2510 | Non-IEC-104 Communication Request | HIGH | | 2018/06/28 | DDI RULE 2510 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2510 |
| DDI RULE 2511 | IEC104 STOPDT CON - SCADA (Response) | MEDIUM | | 2018/06/28 | DDI RULE 2511 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2511 |
| DDI RULE 2512 | IEC104 STARTDT CON - SCADA (Response) | MEDIUM | | 2018/06/28 | DDI RULE 2512 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2512 |
| DDI RULE 2529 | APT - TURLA - HTTP (Request) | HIGH | | 2018/06/28 | DDI RULE 2529 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2529 |
| DDI RULE 253 | RUSTOCK - HTTP (Request) - Variant 2 | HIGH | | 2018/06/28 | DDI RULE 253 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-253 |
| DDI RULE 2687 | CVE-2018-7602 - Remote Code Execution - HTTP (Request) - Variant 2 | HIGH | | 2018/06/28 | DDI RULE 2687 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2687 |
| DDI RULE 2685 | Possible Host Discovery - ICMP (Response) | HIGH | | 2018/06/28 | DDI RULE 2685 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2685 |
| DDI RULE 2686 | Command Execution - SMB (Request) | HIGH | | 2018/06/26 | DDI RULE 2686 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2686 |
| DDI RULE 2680 | Acunetix Web Vulnerability Scanner - HTTP (Request) | HIGH | | 2018/06/26 | DDI RULE 2680 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2680 |
| DDI RULE 2681 | DirBuster - HTTP (Request) | MEDIUM | | 2018/06/26 | DDI RULE 2681 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2681 |
| DDI RULE 2682 | NMAP - HTTP (Request | MEDIUM | | 2018/06/26 | DDI RULE 2682 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2682 |
| DDI RULE 2683 | W3AF - HTTP (Request) | MEDIUM | | 2018/06/26 | DDI RULE 2683 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2683 |
| DDI RULE 2684 | GoLismero - HTTP (Request) | MEDIUM | | 2018/06/26 | DDI RULE 2684 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2684 |
| DDI RULE 2651 | JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request) | MEDIUM | | 2018/06/26 | DDI RULE 2651 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2651 |
| DDI RULE 2674 | Web Vulnerability Scanner - HTTP (Request) | HIGH | | 2018/06/25 | DDI RULE 2674 | /vinfo/pl/threat-encyclopedia/network/ddi-rule-2674 |
