Network Content Inspection Rules

Rule ID	Rule Description	Confidence Level	DDI Default Rule	Network Content Inspection Pattern Release Date
DDI RULE 2063	CHOPPER - HTTP (Request)	HIGH		2019/11/19	DDI RULE 2063	/vinfo/us/threat-encyclopedia/network/ddi-rule-2063
DDI RULE 2918	CVE-2018-7841 - SCHNEIDER ELECTRIC - HTTP (Request)	HIGH		2019/11/19	DDI RULE 2918	/vinfo/us/threat-encyclopedia/network/ddi-rule-2918
DDI RULE 4217	CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request)	HIGH		2019/11/19	DDI RULE 4217	/vinfo/us/threat-encyclopedia/network/ddi-rule-4217
DDI RULE 4258	HNAP1 - HTTP (Soap) - Variant RCE	HIGH		2019/11/18	DDI RULE 4258	/vinfo/us/threat-encyclopedia/network/ddi-rule-4258
DDI RULE 2899	CVE-2018-1000861 - JENKINS - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2899	/vinfo/us/threat-encyclopedia/network/ddi-rule-2899
DDI RULE 2906	CVE-2017-8046 - SPRINGDATA - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2906	/vinfo/us/threat-encyclopedia/network/ddi-rule-2906
DDI RULE 2880	CVE-2019-5418 - RUBY ON RAILS - FILE CONTENT DISCLOSURE - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2880	/vinfo/us/threat-encyclopedia/network/ddi-rule-2880
DDI RULE 2881	HYDRA WEBSHELL - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2881	/vinfo/us/threat-encyclopedia/network/ddi-rule-2881
DDI RULE 2883	Possible PUT Header Scanner - HTTP (Response)	LOW		2019/11/18	DDI RULE 2883	/vinfo/us/threat-encyclopedia/network/ddi-rule-2883
DDI RULE 2884	CVE-2018-19127 PHPCMS2008 Code Injection - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2884	/vinfo/us/threat-encyclopedia/network/ddi-rule-2884
DDI RULE 2885	Remote Code Execution - EXPLOIT - HTTP (Request) - Variant 6	HIGH		2019/11/18	DDI RULE 2885	/vinfo/us/threat-encyclopedia/network/ddi-rule-2885
DDI RULE 2886	CVE-2018-1270 - SPRINGDATA - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2886	/vinfo/us/threat-encyclopedia/network/ddi-rule-2886
DDI RULE 2887	CVE-2019-3396 - ATLASSIAN CONFLUENCE - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2887	/vinfo/us/threat-encyclopedia/network/ddi-rule-2887
DDI RULE 2893	JEXBOSS - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2893	/vinfo/us/threat-encyclopedia/network/ddi-rule-2893
DDI RULE 2948	CVE-2018-11510 - Asustor ADM - Command Injection - HTTP (Request)	HIGH		2019/11/18	DDI RULE 2948	/vinfo/us/threat-encyclopedia/network/ddi-rule-2948
DDI RULE 1437	POCARDL SMB Connection - Class 1	HIGH		2019/11/14	DDI RULE 1437	/vinfo/us/threat-encyclopedia/network/ddi-rule-1437
DDI RULE 1564	KELIHOS - HTTP (Request) - Variant 4	HIGH		2019/11/14	DDI RULE 1564	/vinfo/us/threat-encyclopedia/network/ddi-rule-1564
DDI RULE 1585	POSTBOT - HTTP (Request)	HIGH		2019/11/14	DDI RULE 1585	/vinfo/us/threat-encyclopedia/network/ddi-rule-1585
DDI RULE 2038	MISDAT - TCP	HIGH		2019/11/11	DDI RULE 2038	/vinfo/us/threat-encyclopedia/network/ddi-rule-2038
DDI RULE 2023	CVE-2014-2206 - HTTP (Response)	HIGH		2019/11/11	DDI RULE 2023	/vinfo/us/threat-encyclopedia/network/ddi-rule-2023
DDI RULE 2027	HIMAN - Exploit kit - HTTP (Request)	HIGH		2019/11/11	DDI RULE 2027	/vinfo/us/threat-encyclopedia/network/ddi-rule-2027
DDI RULE 2029	DATPER - HTTP (Request)	HIGH		2019/11/11	DDI RULE 2029	/vinfo/us/threat-encyclopedia/network/ddi-rule-2029
DDI RULE 2033	PAWXNIC - Malicious certificate - SSL	HIGH		2019/11/11	DDI RULE 2033	/vinfo/us/threat-encyclopedia/network/ddi-rule-2033
DDI RULE 2034	RANSOM CRYPTESLA - HTTP (Request) - Variant 5	HIGH		2019/11/11	DDI RULE 2034	/vinfo/us/threat-encyclopedia/network/ddi-rule-2034
DDI RULE 2035	CVE-2016-0800 - RSA DOWNGRADE OPENSSL Exploit	HIGH		2019/11/11	DDI RULE 2035	/vinfo/us/threat-encyclopedia/network/ddi-rule-2035
DDI RULE 2036	ZEPROX - HTTP (Request)	HIGH		2019/11/11	DDI RULE 2036	/vinfo/us/threat-encyclopedia/network/ddi-rule-2036
DDI RULE 2913	Possible Vulnerable Channel - RDP (Request)	LOW		2019/11/06	DDI RULE 2913	/vinfo/us/threat-encyclopedia/network/ddi-rule-2913
DDI RULE 2921	Possible Vulnerable Channel - RDP (Request) - Variant 2	LOW		2019/11/06	DDI RULE 2921	/vinfo/us/threat-encyclopedia/network/ddi-rule-2921
DDI RULE 2641	CVE-2018-1308 Apache Solr Data Import Handler XML Exploit - HTTP (Request)	HIGH		2019/11/05	DDI RULE 2641	/vinfo/us/threat-encyclopedia/network/ddi-rule-2641
DDI RULE 2573	MINER - TCP (Request)	MEDIUM		2019/10/28	DDI RULE 2573	/vinfo/us/threat-encyclopedia/network/ddi-rule-2573
DDI RULE 4142	SSL Connection	LOW		2019/10/28	DDI RULE 4142	/vinfo/us/threat-encyclopedia/network/ddi-rule-4142
DDI RULE 4143	Malicious SSL Client Connection	HIGH		2019/10/28	DDI RULE 4143	/vinfo/us/threat-encyclopedia/network/ddi-rule-4143
DDI RULE 4144	Malicious SSL Server Connection	HIGH		2019/10/28	DDI RULE 4144	/vinfo/us/threat-encyclopedia/network/ddi-rule-4144
DDI RULE 4145	Malicious SSL Connection	HIGH		2019/10/28	DDI RULE 4145	/vinfo/us/threat-encyclopedia/network/ddi-rule-4145
DDI RULE 4146	Suspicious SSL Connection	MEDIUM		2019/10/28	DDI RULE 4146	/vinfo/us/threat-encyclopedia/network/ddi-rule-4146
DDI RULE 4147	Suspicious SSL Client Connection	LOW		2019/10/28	DDI RULE 4147	/vinfo/us/threat-encyclopedia/network/ddi-rule-4147
DDI RULE 4148	Suspicious SSL Server Connection	LOW		2019/10/28	DDI RULE 4148	/vinfo/us/threat-encyclopedia/network/ddi-rule-4148
DDI RULE 4261	WARZONE - DNS (Response)	HIGH		2019/10/28	DDI RULE 4261	/vinfo/us/threat-encyclopedia/network/ddi-rule-4261
DDI RULE 4262	CVE-2019-7609 - KIBANA TIMELION RCE EXPLOIT - HTTP (Request)	HIGH		2019/10/28	DDI RULE 4262	/vinfo/us/threat-encyclopedia/network/ddi-rule-4262
DDI RULE 4257	ANTSWORD - HTTP (Request) - Variant 2	HIGH		2019/10/24	DDI RULE 4257	/vinfo/us/threat-encyclopedia/network/ddi-rule-4257
DDI RULE 2889	ANTSWORD - HTTP (Request)	HIGH		2019/10/24	DDI RULE 2889	/vinfo/us/threat-encyclopedia/network/ddi-rule-2889
DDI RULE 4250	POSSIBLE XSS Variant 2 - HTTP (REQUEST)	LOW		2019/10/23	DDI RULE 4250	/vinfo/us/threat-encyclopedia/network/ddi-rule-4250
DDI RULE 4251	CVE-2019-16920 - DLINK RCE EXPLOIT - HTTP (REQUEST)	HIGH		2019/10/23	DDI RULE 4251	/vinfo/us/threat-encyclopedia/network/ddi-rule-4251
DDI RULE 4249	NEGASTEAL - SMTP (Request)	HIGH		2019/10/22	DDI RULE 4249	/vinfo/us/threat-encyclopedia/network/ddi-rule-4249
DDI RULE 2070	ANGLER - Exploit Kit - HTTP (Request) - Variant 4	MEDIUM		2019/10/22	DDI RULE 2070	/vinfo/us/threat-encyclopedia/network/ddi-rule-2070
DDI RULE 4256	CVE-2018-3760 - RAILS PIPELINE TRAVERSAL CB - HTTP (REQUEST)	HIGH		2019/10/21	DDI RULE 4256	/vinfo/us/threat-encyclopedia/network/ddi-rule-4256
DDI RULE 4247	BXCODE - Ransomware - HTTP (Request)	HIGH		2019/10/14	DDI RULE 4247	/vinfo/us/threat-encyclopedia/network/ddi-rule-4247
DDI RULE 4248	CVE-2019-2618 - WEBLOGIC FILE UPLOAD EXPLOIT - HTTP (REQUEST)	MEDIUM		2019/10/14	DDI RULE 4248	/vinfo/us/threat-encyclopedia/network/ddi-rule-4248
DDI RULE 4239	VBulletin Remote Command Execution - HTTP (Request)	HIGH		2019/10/14	DDI RULE 4239	/vinfo/us/threat-encyclopedia/network/ddi-rule-4239
DDI RULE 4244	NOVTER - HTTP (Request)	HIGH		2019/10/14	DDI RULE 4244	/vinfo/us/threat-encyclopedia/network/ddi-rule-4244
DDI RULE 4246	Possible CVE-2019-16928 - Exim Buffer Overflow Exploit - SMTP (Request)	MEDIUM		2019/10/03	DDI RULE 4246	/vinfo/us/threat-encyclopedia/network/ddi-rule-4246
DDI RULE 4245	PHPSTUDY - HTTP (REQUEST)	HIGH		2019/10/02	DDI RULE 4245	/vinfo/us/threat-encyclopedia/network/ddi-rule-4245
DDI RULE 4242	CVE-2018-18778 - ACME File Discovery Exploit - HTTP (RESPONSE)	MEDIUM		2019/10/02	DDI RULE 4242	/vinfo/us/threat-encyclopedia/network/ddi-rule-4242
DDI RULE 4240	PANMICRO ECO RCE EXPLOIT - HTTP (REQUEST)	HIGH		2019/10/02	DDI RULE 4240	/vinfo/us/threat-encyclopedia/network/ddi-rule-4240
DDI RULE 4241	BHU WIFI RCE EXPLOIT - HTTP (REQUEST)	LOW		2019/09/30	DDI RULE 4241	/vinfo/us/threat-encyclopedia/network/ddi-rule-4241
DDI RULE 4243	APT - SUSPICIOUS CGI DIRECTORY TRAVERSAL - HTTP (REQUEST)	HIGH		2019/09/30	DDI RULE 4243	/vinfo/us/threat-encyclopedia/network/ddi-rule-4243
DDI RULE 4235	Remote CreateService - SMB2 (Request)	HIGH		2019/09/26	DDI RULE 4235	/vinfo/us/threat-encyclopedia/network/ddi-rule-4235
DDI RULE 4236	Meterpreter Powershell - SMB2 (Request)	HIGH		2019/09/26	DDI RULE 4236	/vinfo/us/threat-encyclopedia/network/ddi-rule-4236
DDI RULE 4222	PST File Upload	LOW		2019/09/25	DDI RULE 4222	/vinfo/us/threat-encyclopedia/network/ddi-rule-4222
DDI RULE 4238	CVE-2019-12922 - PHPMYADMIN CSRF - HTTP (Request)	MEDIUM		2019/09/25	DDI RULE 4238	/vinfo/us/threat-encyclopedia/network/ddi-rule-4238
DDI RULE 4237	CVE-2019-5475 - Nexus Repo Manager Remote Code Execution Exploit - HTTP (Request)	HIGH		2019/09/24	DDI RULE 4237	/vinfo/us/threat-encyclopedia/network/ddi-rule-4237
DDI RULE 4233	Data Exfiltration - DNS (Response) - Variant 2	MEDIUM		2019/09/23	DDI RULE 4233	/vinfo/us/threat-encyclopedia/network/ddi-rule-4233
DDI RULE 4234	TFLOWER - Malicious Certificate - HTTPS (Response)	HIGH		2019/09/19	DDI RULE 4234	/vinfo/us/threat-encyclopedia/network/ddi-rule-4234
DDI RULE 4232	EMOTET - HTTP (Request) - Variant 5	HIGH		2019/09/19	DDI RULE 4232	/vinfo/us/threat-encyclopedia/network/ddi-rule-4232
DDI RULE 2289	Unsuccessful logon - FTP	LOW		2019/09/19	DDI RULE 2289	/vinfo/us/threat-encyclopedia/network/ddi-rule-2289
DDI RULE 2290	Possible Brute force - FTP	LOW		2019/09/19	DDI RULE 2290	/vinfo/us/threat-encyclopedia/network/ddi-rule-2290
DDI RULE 4224	CVE-2019-15846 EXIM TLS Flaw - HTTPS (Request)	MEDIUM		2019/09/18	DDI RULE 4224	/vinfo/us/threat-encyclopedia/network/ddi-rule-4224
DDI RULE 4228	XSS Href Exploit - HTTP (Request)	HIGH		2019/09/12	DDI RULE 4228	/vinfo/us/threat-encyclopedia/network/ddi-rule-4228
DDI RULE 4229	YEALINK VOIP - COMMAND INJECTION - HTTP (Request)	HIGH		2019/09/12	DDI RULE 4229	/vinfo/us/threat-encyclopedia/network/ddi-rule-4229
DDI RULE 4221	Jenkins RCE Exploit - HTTP (Request)- Variant 2	HIGH		2019/09/12	DDI RULE 4221	/vinfo/us/threat-encyclopedia/network/ddi-rule-4221
DDI RULE 4230	APT - DATPER - HTTP (Request)	HIGH		2019/09/12	DDI RULE 4230	/vinfo/us/threat-encyclopedia/network/ddi-rule-4230
DDI RULE 4231	APT - SUSPICIOUS CGI - HTTP (Request)	HIGH		2019/09/12	DDI RULE 4231	/vinfo/us/threat-encyclopedia/network/ddi-rule-4231
DDI RULE 4212	Possible Bruteforce - HTTP (Request)	MEDIUM		2019/09/12	DDI RULE 4212	/vinfo/us/threat-encyclopedia/network/ddi-rule-4212
DDI RULE 4223	APT - Suspicious Cgi - HTTP (Request)	HIGH		2019/09/11	DDI RULE 4223	/vinfo/us/threat-encyclopedia/network/ddi-rule-4223
DDI RULE 4220	RIG - Exploit Kit - HTTP (Request) - Variant 8	HIGH		2019/09/10	DDI RULE 4220	/vinfo/us/threat-encyclopedia/network/ddi-rule-4220
DDI RULE 2897	EMOTET - HTTP (Request) - Variant 4	HIGH		2019/09/10	DDI RULE 2897	/vinfo/us/threat-encyclopedia/network/ddi-rule-2897
DDI RULE 4213	RETADUP - HTTP (Response)	HIGH		2019/09/03	DDI RULE 4213	/vinfo/us/threat-encyclopedia/network/ddi-rule-4213
DDI RULE 4214	CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2	MEDIUM		2019/09/03	DDI RULE 4214	/vinfo/us/threat-encyclopedia/network/ddi-rule-4214
DDI RULE 4215	CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2	MEDIUM		2019/09/03	DDI RULE 4215	/vinfo/us/threat-encyclopedia/network/ddi-rule-4215
DDI RULE 4205	Register Shutdown Function Webshell - HTTP (Request)	HIGH		2019/09/03	DDI RULE 4205	/vinfo/us/threat-encyclopedia/network/ddi-rule-4205
DDI RULE 4203	Possible CVE-2019-1224 Server Information Disclosure Exploit - RDP (Response)	LOW		2019/09/03	DDI RULE 4203	/vinfo/us/threat-encyclopedia/network/ddi-rule-4203
DDI RULE 4216	BLUEANGEL - Comand Injection - HTTP (Request)	HIGH		2019/09/02	DDI RULE 4216	/vinfo/us/threat-encyclopedia/network/ddi-rule-4216
DDI RULE 4218	CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request)	HIGH		2019/09/02	DDI RULE 4218	/vinfo/us/threat-encyclopedia/network/ddi-rule-4218
DDI RULE 4219	GHOSTMINER - HTTP (Request)	HIGH		2019/09/02	DDI RULE 4219	/vinfo/us/threat-encyclopedia/network/ddi-rule-4219
DDI RULE 4181	TREVOR - HTTP (Response)	MEDIUM		2019/09/02	DDI RULE 4181	/vinfo/us/threat-encyclopedia/network/ddi-rule-4181
DDI RULE 4182	TREVOR - HTTP (Response) - Variant 2	MEDIUM		2019/09/02	DDI RULE 4182	/vinfo/us/threat-encyclopedia/network/ddi-rule-4182
DDI RULE 4176	RANSOM SYRK - DNS (Response)	HIGH		2019/08/28	DDI RULE 4176	/vinfo/us/threat-encyclopedia/network/ddi-rule-4176
DDI RULE 2891	EMPIRE - HTTP (Request) - Variant 3	HIGH		2019/08/28	DDI RULE 2891	/vinfo/us/threat-encyclopedia/network/ddi-rule-2891
DDI RULE 2861	ShadowHammer - DNS (Response)	HIGH		2019/08/28	DDI RULE 2861	/vinfo/us/threat-encyclopedia/network/ddi-rule-2861
DDI RULE 2568	COBALTSTRIKE - DNS (Response)	HIGH		2019/08/28	DDI RULE 2568	/vinfo/us/threat-encyclopedia/network/ddi-rule-2568
DDI RULE 2569	TOXOCARA - DNS (Response)	HIGH		2019/08/28	DDI RULE 2569	/vinfo/us/threat-encyclopedia/network/ddi-rule-2569
DDI RULE 2497	CCHACK - DNS (Response)	HIGH		2019/08/28	DDI RULE 2497	/vinfo/us/threat-encyclopedia/network/ddi-rule-2497
DDI RULE 4199	Amazon Phishing - DNS (Response)	HIGH		2019/08/28	DDI RULE 4199	/vinfo/us/threat-encyclopedia/network/ddi-rule-4199
DDI RULE 4180	BASHLITE - TCP (Request)	HIGH		2019/08/28	DDI RULE 4180	/vinfo/us/threat-encyclopedia/network/ddi-rule-4180
DDI RULE 4211	CLIPSA - HTTP (Request)	MEDIUM		2019/08/28	DDI RULE 4211	/vinfo/us/threat-encyclopedia/network/ddi-rule-4211
DDI RULE 2043	OSX KeRanger DNS Connection detected	HIGH		2019/08/28	DDI RULE 2043	/vinfo/us/threat-encyclopedia/network/ddi-rule-2043
DDI RULE 1734	RANSOM CRYPCTB DNS Connection detected	HIGH		2019/08/28	DDI RULE 1734	/vinfo/us/threat-encyclopedia/network/ddi-rule-1734
DDI RULE 1779	RANSOM CRILOCK DNS Connection	HIGH		2019/08/28	DDI RULE 1779	/vinfo/us/threat-encyclopedia/network/ddi-rule-1779
DDI RULE 1845	RANSOM CRYPRAAS DNS Connection detected	HIGH		2019/08/28	DDI RULE 1845	/vinfo/us/threat-encyclopedia/network/ddi-rule-1845
DDI RULE 1009	PE_XPAJ DNS Response - Class 1	HIGH		2019/08/28	DDI RULE 1009	/vinfo/us/threat-encyclopedia/network/ddi-rule-1009
DDI RULE 1084	RED OCTOBER ATTACK DNS Response - Class 1	HIGH		2019/08/28	DDI RULE 1084	/vinfo/us/threat-encyclopedia/network/ddi-rule-1084
DDI RULE 4204	CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request)	HIGH		2019/08/27	DDI RULE 4204	/vinfo/us/threat-encyclopedia/network/ddi-rule-4204
DDI RULE 4210	MEDUSA - HTTP (Request)	HIGH		2019/08/27	DDI RULE 4210	/vinfo/us/threat-encyclopedia/network/ddi-rule-4210
DDI RULE 4207	CVE-2019-11354 - DOTPROJECT SQL Injetion - HTTP (Request)	HIGH		2019/08/27	DDI RULE 4207	/vinfo/us/threat-encyclopedia/network/ddi-rule-4207
DDI RULE 4208	CVE-2019-12989 - CITRIX SDWAN AUTH BYPASS - HTTP (Request)	HIGH		2019/08/27	DDI RULE 4208	/vinfo/us/threat-encyclopedia/network/ddi-rule-4208
DDI RULE 4209	WEBMIN RCE Exploit - HTTP (Request)	HIGH		2019/08/27	DDI RULE 4209	/vinfo/us/threat-encyclopedia/network/ddi-rule-4209
DDI RULE 4206	AXIS2 GETSHELL - COMMAND INJECTION - HTTP (Request)	HIGH		2019/08/26	DDI RULE 4206	/vinfo/us/threat-encyclopedia/network/ddi-rule-4206
DDI RULE 4193	CVE-2019-9511 Data Dribble - HTTP2 (Request)	LOW		2019/08/26	DDI RULE 4193	/vinfo/us/threat-encyclopedia/network/ddi-rule-4193
DDI RULE 4194	CVE-2019-9512 PING Flood - HTTP2 (Request)	LOW		2019/08/26	DDI RULE 4194	/vinfo/us/threat-encyclopedia/network/ddi-rule-4194
DDI RULE 4195	CVE-2019-9515 SETTINGS Flood - HTTP2 (Request)	LOW		2019/08/26	DDI RULE 4195	/vinfo/us/threat-encyclopedia/network/ddi-rule-4195
DDI RULE 4196	CVE-2019-9517 Internal Data Buffering - HTTP2 (Request)	LOW		2019/08/26	DDI RULE 4196	/vinfo/us/threat-encyclopedia/network/ddi-rule-4196
DDI RULE 4197	CVE-2019-9518 Empty Frames Flood - HTTP2 (Request)	LOW		2019/08/26	DDI RULE 4197	/vinfo/us/threat-encyclopedia/network/ddi-rule-4197
DDI RULE 4198	ANUBIS - HTTP (Request)	HIGH		2019/08/22	DDI RULE 4198	/vinfo/us/threat-encyclopedia/network/ddi-rule-4198
DDI RULE 4201	CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request)	LOW		2019/08/22	DDI RULE 4201	/vinfo/us/threat-encyclopedia/network/ddi-rule-4201
DDI RULE 4202	CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request)	LOW		2019/08/22	DDI RULE 4202	/vinfo/us/threat-encyclopedia/network/ddi-rule-4202
DDI RULE 4200	CVE-2015-4051 - BECKHOFF RCE - HTTP (Request)	HIGH		2019/08/21	DDI RULE 4200	/vinfo/us/threat-encyclopedia/network/ddi-rule-4200
DDI RULE 4191	CVE-2017-11774 MS Outlook Security Bypass Remote Code Execution - HTTP (Request)	MEDIUM		2019/08/15	DDI RULE 4191	/vinfo/us/threat-encyclopedia/network/ddi-rule-4191
DDI RULE 4192	IRIS Remote Command Execution - HTTP (Request)	HIGH		2019/08/15	DDI RULE 4192	/vinfo/us/threat-encyclopedia/network/ddi-rule-4192
DDI RULE 2547	NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request)	HIGH		2019/08/15	DDI RULE 2547	/vinfo/us/threat-encyclopedia/network/ddi-rule-2547
DDI RULE 4111	CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request)	HIGH		2019/08/15	DDI RULE 4111	/vinfo/us/threat-encyclopedia/network/ddi-rule-4111
DDI RULE 4183	Xfinity Gateway RCE Exploit - HTTP (Request)	HIGH		2019/08/14	DDI RULE 4183	/vinfo/us/threat-encyclopedia/network/ddi-rule-4183
DDI RULE 4190	RAIL RCE Exploit - HTTP (Request)	HIGH		2019/08/14	DDI RULE 4190	/vinfo/us/threat-encyclopedia/network/ddi-rule-4190
DDI RULE 4187	FLIR - Command Injection - HTTP (Request)	HIGH		2019/08/13	DDI RULE 4187	/vinfo/us/threat-encyclopedia/network/ddi-rule-4187
DDI RULE 4188	CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request)	HIGH		2019/08/13	DDI RULE 4188	/vinfo/us/threat-encyclopedia/network/ddi-rule-4188
DDI RULE 4189	Beward N100 RCE Exploit - HTTP (Request)	HIGH		2019/08/13	DDI RULE 4189	/vinfo/us/threat-encyclopedia/network/ddi-rule-4189
DDI RULE 4166	CVE-2015-4335 REDIS Eval LUA Sandbox Bypass Exploit - TCP (Request)	HIGH		2019/08/13	DDI RULE 4166	/vinfo/us/threat-encyclopedia/network/ddi-rule-4166
DDI RULE 4184	Homematic RCE Exploit - HTTP (Request)	HIGH		2019/08/12	DDI RULE 4184	/vinfo/us/threat-encyclopedia/network/ddi-rule-4184
DDI RULE 4185	NXT Eyelock RCE Exploit - HTTP (Request)	HIGH		2019/08/12	DDI RULE 4185	/vinfo/us/threat-encyclopedia/network/ddi-rule-4185
DDI RULE 4175	LORD - Exploit Kit - HTTP (Response)	HIGH		2019/08/08	DDI RULE 4175	/vinfo/us/threat-encyclopedia/network/ddi-rule-4175
DDI RULE 4179	CVE-2017-8917 - JOOMLA - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4179	/vinfo/us/threat-encyclopedia/network/ddi-rule-4179
DDI RULE 4167	CAMBIUM RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4167	/vinfo/us/threat-encyclopedia/network/ddi-rule-4167
DDI RULE 4150	POSSIBLE XSS - HTTP (Request)	MEDIUM		2019/08/07	DDI RULE 4150	/vinfo/us/threat-encyclopedia/network/ddi-rule-4150
DDI RULE 4159	NTOP RCE Exploit - HTTP (Request) - Variant 2	HIGH		2019/08/07	DDI RULE 4159	/vinfo/us/threat-encyclopedia/network/ddi-rule-4159
DDI RULE 4160	NTOP RCE Exploit - HTTP (Request) - Variant 3	HIGH		2019/08/07	DDI RULE 4160	/vinfo/us/threat-encyclopedia/network/ddi-rule-4160
DDI RULE 4161	NTOP RCE Exploit - HTTP (Request) - Variant 4	HIGH		2019/08/07	DDI RULE 4161	/vinfo/us/threat-encyclopedia/network/ddi-rule-4161
DDI RULE 4112	CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4112	/vinfo/us/threat-encyclopedia/network/ddi-rule-4112
DDI RULE 4114	CVE-2012-4869 PBX RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4114	/vinfo/us/threat-encyclopedia/network/ddi-rule-4114
DDI RULE 4125	Mitel Audio RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4125	/vinfo/us/threat-encyclopedia/network/ddi-rule-4125
DDI RULE 2938	Dell Kace RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2938	/vinfo/us/threat-encyclopedia/network/ddi-rule-2938
DDI RULE 2939	CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2939	/vinfo/us/threat-encyclopedia/network/ddi-rule-2939
DDI RULE 2940	CISCO RV Routers RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2940	/vinfo/us/threat-encyclopedia/network/ddi-rule-2940
DDI RULE 2941	Possible CVE-2019-1663 CISCO RV Routers Buffer Overflow Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2941	/vinfo/us/threat-encyclopedia/network/ddi-rule-2941
DDI RULE 4100	CVE-2010-5330 UBIQUITY Nanostation5 RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4100	/vinfo/us/threat-encyclopedia/network/ddi-rule-4100
DDI RULE 4106	Gitorious Unauthenticated RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 4106	/vinfo/us/threat-encyclopedia/network/ddi-rule-4106
DDI RULE 2914	CVE-2018-15961 - Adobe Cold Fusion Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2914	/vinfo/us/threat-encyclopedia/network/ddi-rule-2914
DDI RULE 2907	CVE-2019-2616 ORACLE BI Pusblisher XXE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2907	/vinfo/us/threat-encyclopedia/network/ddi-rule-2907
DDI RULE 2919	DLINK DWL 26000AP RCE EXPLOIT - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2919	/vinfo/us/threat-encyclopedia/network/ddi-rule-2919
DDI RULE 2929	Hadoop Yarn RCE Exploit - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2929	/vinfo/us/threat-encyclopedia/network/ddi-rule-2929
DDI RULE 2485	CCTV-DVR Remote Code Execution - HTTP (Request)	HIGH		2019/08/07	DDI RULE 2485	/vinfo/us/threat-encyclopedia/network/ddi-rule-2485
DDI RULE 2639	CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)	HIGH		2019/08/06	DDI RULE 2639	/vinfo/us/threat-encyclopedia/network/ddi-rule-2639
DDI RULE 4164	CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2	HIGH		2019/08/06	DDI RULE 4164	/vinfo/us/threat-encyclopedia/network/ddi-rule-4164
DDI RULE 4165	CVE-2019-7238 Nexus Repository Manager RCE Exploit - HTTP (Request)	HIGH		2019/08/06	DDI RULE 4165	/vinfo/us/threat-encyclopedia/network/ddi-rule-4165
DDI RULE 4168	CVE-2018-15379 Cisco Prime Infrastructure Remote Command Execution - HTTP (Request)	MEDIUM		2019/08/06	DDI RULE 4168	/vinfo/us/threat-encyclopedia/network/ddi-rule-4168
DDI RULE 4169	Linksys Remote Debug Root Shell- HTTP (Request)	HIGH		2019/08/06	DDI RULE 4169	/vinfo/us/threat-encyclopedia/network/ddi-rule-4169
DDI RULE 4172	APT - TONEDEAF - HTTP (Request)	HIGH		2019/08/06	DDI RULE 4172	/vinfo/us/threat-encyclopedia/network/ddi-rule-4172
DDI RULE 4177	CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request)	HIGH		2019/08/06	DDI RULE 4177	/vinfo/us/threat-encyclopedia/network/ddi-rule-4177
DDI RULE 4178	XYMON RCE Exploit - HTTP (Request)	HIGH		2019/08/06	DDI RULE 4178	/vinfo/us/threat-encyclopedia/network/ddi-rule-4178
DDI RULE 4173	GHOSTDNS - Exploit Kit - HTTP (Response) - Variant 2	HIGH		2019/08/05	DDI RULE 4173	/vinfo/us/threat-encyclopedia/network/ddi-rule-4173
DDI RULE 4174	DNS Changer Exploit - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4174	/vinfo/us/threat-encyclopedia/network/ddi-rule-4174
DDI RULE 4170	CVE-2017-11357 TELERIK File Upload Exploit - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4170	/vinfo/us/threat-encyclopedia/network/ddi-rule-4170
DDI RULE 4171	CVE-2013-3763 - Oracle Endeca Sever - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4171	/vinfo/us/threat-encyclopedia/network/ddi-rule-4171
DDI RULE 4115	CVE-2009-2288 - NAGIOS - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4115	/vinfo/us/threat-encyclopedia/network/ddi-rule-4115
DDI RULE 4116	CVE-2012-0262 - OPS5CONFIG - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4116	/vinfo/us/threat-encyclopedia/network/ddi-rule-4116
DDI RULE 4102	WEBMIN - Command Execution - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4102	/vinfo/us/threat-encyclopedia/network/ddi-rule-4102
DDI RULE 4107	CVE-2011-3587 - PLONE - HTTP (Request)	MEDIUM		2019/08/05	DDI RULE 4107	/vinfo/us/threat-encyclopedia/network/ddi-rule-4107
DDI RULE 4108	CVE-2003-0050 - QUICKTIME - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4108	/vinfo/us/threat-encyclopedia/network/ddi-rule-4108
DDI RULE 4109	OP5MONITOR - HTTP (Request)	HIGH		2019/08/05	DDI RULE 4109	/vinfo/us/threat-encyclopedia/network/ddi-rule-4109
DDI RULE 4110	CVE-2005-2773 - HP OPENVIEW NETWORK NODE MANAGER- HTTP (Request)	HIGH		2019/08/05	DDI RULE 4110	/vinfo/us/threat-encyclopedia/network/ddi-rule-4110
DDI RULE 2942	CVE-2019-1003000 - JENKINS - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2942	/vinfo/us/threat-encyclopedia/network/ddi-rule-2942
DDI RULE 2934	LG NAS - Command Injection - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2934	/vinfo/us/threat-encyclopedia/network/ddi-rule-2934
DDI RULE 2935	OPENDREAMBOX - Command Injection - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2935	/vinfo/us/threat-encyclopedia/network/ddi-rule-2935
DDI RULE 2936	CVE-2019-3929 - BLACKBOX - COMMAND INJECTION - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2936	/vinfo/us/threat-encyclopedia/network/ddi-rule-2936
DDI RULE 2937	CVE-2019-10867 - PIMCORE - Unserialize RCE - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2937	/vinfo/us/threat-encyclopedia/network/ddi-rule-2937
DDI RULE 2950	CVE-2017-5174 - GEUTEBRUCK - Command Injection - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2950	/vinfo/us/threat-encyclopedia/network/ddi-rule-2950
DDI RULE 2341	COBALTSTRIKE - HTTP (Request)	HIGH		2019/08/05	DDI RULE 2341	/vinfo/us/threat-encyclopedia/network/ddi-rule-2341
DDI RULE 2452	Wget Commandline Injection	MEDIUM		2019/07/31	DDI RULE 2452	/vinfo/us/threat-encyclopedia/network/ddi-rule-2452
DDI RULE 4133	ASTAROTH JSON - HTTP (Response)	HIGH		2019/07/24	DDI RULE 4133	/vinfo/us/threat-encyclopedia/network/ddi-rule-4133
DDI RULE 4163	Possible CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request)	LOW		2019/07/24	DDI RULE 4163	/vinfo/us/threat-encyclopedia/network/ddi-rule-4163
DDI RULE 4152	COBALTSTRIKE - HTTP (Response)	HIGH		2019/07/24	DDI RULE 4152	/vinfo/us/threat-encyclopedia/network/ddi-rule-4152
DDI RULE 4154	CVE-2019-11580 Atlassian RCE Exploit - HTTP (Request)	HIGH		2019/07/24	DDI RULE 4154	/vinfo/us/threat-encyclopedia/network/ddi-rule-4154
DDI RULE 2678	CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request)	HIGH		2019/07/24	DDI RULE 2678	/vinfo/us/threat-encyclopedia/network/ddi-rule-2678
DDI RULE 4156	ECH0RAIX - Ransomware - HTTP (Request)	HIGH		2019/07/22	DDI RULE 4156	/vinfo/us/threat-encyclopedia/network/ddi-rule-4156
DDI RULE 4157	NTOP RCE Exploit - HTTP (Request)	HIGH		2019/07/22	DDI RULE 4157	/vinfo/us/threat-encyclopedia/network/ddi-rule-4157
DDI RULE 1122	Office Document File Internal Transfer	LOW		2019/07/22	DDI RULE 1122	/vinfo/us/threat-encyclopedia/network/ddi-rule-1122
DDI RULE 1123	Office Document File Upload	LOW		2019/07/22	DDI RULE 1123	/vinfo/us/threat-encyclopedia/network/ddi-rule-1123
DDI RULE 1119	HTTP Request - Hostname is an IP address	LOW		2019/07/22	DDI RULE 1119	/vinfo/us/threat-encyclopedia/network/ddi-rule-1119
DDI RULE 4155	EICAR COBALTSTRIKE - HTTP (Response)	HIGH		2019/07/18	DDI RULE 4155	/vinfo/us/threat-encyclopedia/network/ddi-rule-4155
DDI RULE 4153	COBALTSTRIKE - HTTP (Request) - Variant 2	HIGH		2019/07/18	DDI RULE 4153	/vinfo/us/threat-encyclopedia/network/ddi-rule-4153
DDI RULE 4138	ICEDID - HTTP (Request) - Variant 2	HIGH		2019/07/18	DDI RULE 4138	/vinfo/us/threat-encyclopedia/network/ddi-rule-4138
DDI RULE 4139	ICEDID - HTTP (Response)	HIGH		2019/07/18	DDI RULE 4139	/vinfo/us/threat-encyclopedia/network/ddi-rule-4139
DDI RULE 4151	WANNALOCKER - Ransomware - HTTP (Request)	HIGH		2019/07/17	DDI RULE 4151	/vinfo/us/threat-encyclopedia/network/ddi-rule-4151
DDI RULE 4132	SHELLBOT - IRC (Request)	HIGH		2019/07/16	DDI RULE 4132	/vinfo/us/threat-encyclopedia/network/ddi-rule-4132
DDI RULE 4149	Possible CVE-2019-1040 MS NTLM Tampering Exploit - SMB (Request)	LOW		2019/07/16	DDI RULE 4149	/vinfo/us/threat-encyclopedia/network/ddi-rule-4149
DDI RULE 4140	INFOSTEAL - HTTP (Request) - Variant 6	HIGH		2019/07/15	DDI RULE 4140	/vinfo/us/threat-encyclopedia/network/ddi-rule-4140
DDI RULE 4136	ECH0RAIX - Ransomware - TCP (Request)	HIGH		2019/07/12	DDI RULE 4136	/vinfo/us/threat-encyclopedia/network/ddi-rule-4136
DDI RULE 4121	Dogfood CRM spell.php Remote Command Execution - HTTP (Request)	HIGH		2019/07/11	DDI RULE 4121	/vinfo/us/threat-encyclopedia/network/ddi-rule-4121
DDI RULE 4123	Redmine SCM Repository 0.9.x/1.0.x - Remote Command Execution - HTTP (Request)	HIGH		2019/07/11	DDI RULE 4123	/vinfo/us/threat-encyclopedia/network/ddi-rule-4123
DDI RULE 4122	CTEK SkyRouter 4200/4300 - Command Execution - HTTP (Request)	HIGH		2019/07/10	DDI RULE 4122	/vinfo/us/threat-encyclopedia/network/ddi-rule-4122
DDI RULE 4105	POSSIBLE MALICIOUS CHROME EXTENSION - HTTP (Request)	MEDIUM		2019/07/10	DDI RULE 4105	/vinfo/us/threat-encyclopedia/network/ddi-rule-4105
DDI RULE 4119	Awstats Remote Command Injection - HTTP (Request)	HIGH		2019/07/10	DDI RULE 4119	/vinfo/us/threat-encyclopedia/network/ddi-rule-4119
DDI RULE 4120	CVE-2005-2847 Barracuda IMG.pl Remote Command Execution - HTTP (Request)	HIGH		2019/07/10	DDI RULE 4120	/vinfo/us/threat-encyclopedia/network/ddi-rule-4120
DDI RULE 2578	CVE-2017-17215 - Remote Code Execution - HTTP (Request)	HIGH		2019/07/10	DDI RULE 2578	/vinfo/us/threat-encyclopedia/network/ddi-rule-2578
DDI RULE 4118	CVE-2007-3010 Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 Command Injection - HTTP (Request)	HIGH		2019/07/09	DDI RULE 4118	/vinfo/us/threat-encyclopedia/network/ddi-rule-4118
DDI RULE 4130	APT - NFLOG - HTTP (Request) - Variant 2	HIGH		2019/07/09	DDI RULE 4130	/vinfo/us/threat-encyclopedia/network/ddi-rule-4130
DDI RULE 4131	NANOCORE - TCP (Request)	HIGH		2019/07/09	DDI RULE 4131	/vinfo/us/threat-encyclopedia/network/ddi-rule-4131
DDI RULE 4127	Suspicious PowerQuery - HTTP (Response)	MEDIUM		2019/07/08	DDI RULE 4127	/vinfo/us/threat-encyclopedia/network/ddi-rule-4127
DDI RULE 4124	GetShell CKNIFE - HTTP (Request)	HIGH		2019/07/08	DDI RULE 4124	/vinfo/us/threat-encyclopedia/network/ddi-rule-4124
DDI RULE 2846	SPELEVO - Exploit Kit -HTTP (Response)	HIGH		2019/07/04	DDI RULE 2846	/vinfo/us/threat-encyclopedia/network/ddi-rule-2846
DDI RULE 4117	Spreecommerce 0.60.1 - Remote Command Execution - HTTP (Request)	HIGH		2019/07/02	DDI RULE 4117	/vinfo/us/threat-encyclopedia/network/ddi-rule-4117
DDI RULE 4113	CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request)	HIGH		2019/07/01	DDI RULE 4113	/vinfo/us/threat-encyclopedia/network/ddi-rule-4113
DDI RULE 4103	Daemon DD-WRT Unauthenticated RCE Exploit - HTTP (Request)	HIGH		2019/06/26	DDI RULE 4103	/vinfo/us/threat-encyclopedia/network/ddi-rule-4103
DDI RULE 4104	Asmax RCE Exploit - HTTP (Request)	HIGH		2019/06/26	DDI RULE 4104	/vinfo/us/threat-encyclopedia/network/ddi-rule-4104
DDI RULE 2943	CVE-2013-5758 Yealink VoIP Phone SIP-T38G RCE - HTTP (Request)	HIGH		2019/06/26	DDI RULE 2943	/vinfo/us/threat-encyclopedia/network/ddi-rule-2943
DDI RULE 2903	Oracle Weblogic Remote Command Execution Exploit - HTTP (Request)	HIGH		2019/06/25	DDI RULE 2903	/vinfo/us/threat-encyclopedia/network/ddi-rule-2903
DDI RULE 2871	possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request)	HIGH		2019/06/25	DDI RULE 2871	/vinfo/us/threat-encyclopedia/network/ddi-rule-2871
DDI RULE 1184	possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request)	LOW		2019/06/25	DDI RULE 1184	/vinfo/us/threat-encyclopedia/network/ddi-rule-1184
DDI RULE 2172	NULL BYTES - HTTP (Request)	LOW		2019/06/24	DDI RULE 2172	/vinfo/us/threat-encyclopedia/network/ddi-rule-2172
DDI RULE 2786	ThinkPHP 5x Remote Code Execution - HTTP (Request)	HIGH		2019/06/24	DDI RULE 2786	/vinfo/us/threat-encyclopedia/network/ddi-rule-2786
DDI RULE 2811	CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request)	HIGH		2019/06/24	DDI RULE 2811	/vinfo/us/threat-encyclopedia/network/ddi-rule-2811
DDI RULE 2949	CVE-2013-5948 Asus device Remote code Execution Exploit- HTTP (Request)	HIGH		2019/06/24	DDI RULE 2949	/vinfo/us/threat-encyclopedia/network/ddi-rule-2949
DDI RULE 4101	CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) - Variant 2	HIGH		2019/06/24	DDI RULE 4101	/vinfo/us/threat-encyclopedia/network/ddi-rule-4101
DDI RULE 2933	HIDDENWASP - TCP Connection	HIGH		2019/06/11	DDI RULE 2933	/vinfo/us/threat-encyclopedia/network/ddi-rule-2933
DDI RULE 2898	Weblogic Unauthenticated RCE Exploit- HTTP (Request)	MEDIUM		2019/06/11	DDI RULE 2898	/vinfo/us/threat-encyclopedia/network/ddi-rule-2898
DDI RULE 2922	CVE-2014-6287 Rejetto HttpFileServer RCE Exploit - HTTP (Request)	HIGH		2019/06/11	DDI RULE 2922	/vinfo/us/threat-encyclopedia/network/ddi-rule-2922
DDI RULE 2874	ZEROSHELL RCE EXPLOIT - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2874	/vinfo/us/threat-encyclopedia/network/ddi-rule-2874
DDI RULE 2894	CVE-2019-0192 Apache SOLR RCE Exploit - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2894	/vinfo/us/threat-encyclopedia/network/ddi-rule-2894
DDI RULE 2895	CVE-2014-9727 Fritz RCE Exploit - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2895	/vinfo/us/threat-encyclopedia/network/ddi-rule-2895
DDI RULE 2896	Fritz RCE Exploit - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2896	/vinfo/us/threat-encyclopedia/network/ddi-rule-2896
DDI RULE 2858	CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2858	/vinfo/us/threat-encyclopedia/network/ddi-rule-2858
DDI RULE 2825	CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request)	HIGH		2019/06/10	DDI RULE 2825	/vinfo/us/threat-encyclopedia/network/ddi-rule-2825
DDI RULE 2930	Possible RIG Exploit Kit - HTTP (Request)	LOW		2019/06/06	DDI RULE 2930	/vinfo/us/threat-encyclopedia/network/ddi-rule-2930
DDI RULE 2931	HIDDENWASP - TCP (Request)	HIGH		2019/06/06	DDI RULE 2931	/vinfo/us/threat-encyclopedia/network/ddi-rule-2931
DDI RULE 2932	HIDDENWASP - TCP (Response)	HIGH		2019/06/06	DDI RULE 2932	/vinfo/us/threat-encyclopedia/network/ddi-rule-2932
DDI RULE 3	Suspicious executable file extension - Variant 2	HIGH		2019/06/06	DDI RULE 3	/vinfo/us/threat-encyclopedia/network/ddi-rule-3
DDI RULE 30	Email/Instant message containing malicious URL	HIGH		2019/06/06	DDI RULE 30	/vinfo/us/threat-encyclopedia/network/ddi-rule-30
DDI RULE 2638	CVE-2018-7602 - Remote Code Execution - HTTP (Request)	HIGH		2019/06/06	DDI RULE 2638	/vinfo/us/threat-encyclopedia/network/ddi-rule-2638
DDI RULE 2348	CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)	HIGH		2019/06/06	DDI RULE 2348	/vinfo/us/threat-encyclopedia/network/ddi-rule-2348
DDI RULE 2927	Possible WEBSHELL Command - HTTP (Request)	MEDIUM		2019/06/05	DDI RULE 2927	/vinfo/us/threat-encyclopedia/network/ddi-rule-2927
DDI RULE 2917	CVE-2019-3719 Dell Support Assist RCE - HTTP (Request)	HIGH		2019/06/05	DDI RULE 2917	/vinfo/us/threat-encyclopedia/network/ddi-rule-2917
DDI RULE 2928	EANVER Webshell - HTTP (Request)	HIGH		2019/06/04	DDI RULE 2928	/vinfo/us/threat-encyclopedia/network/ddi-rule-2928
DDI RULE 2924	Possible PHP Admin Bruteforce - HTTP (Request)	LOW		2019/06/04	DDI RULE 2924	/vinfo/us/threat-encyclopedia/network/ddi-rule-2924
DDI RULE 2925	HAWKEYE - SMTP (Request)	HIGH		2019/06/04	DDI RULE 2925	/vinfo/us/threat-encyclopedia/network/ddi-rule-2925
DDI RULE 2926	WePresent WiPG1000 Command Injection - HTTP (Request)	HIGH		2019/06/04	DDI RULE 2926	/vinfo/us/threat-encyclopedia/network/ddi-rule-2926
DDI RULE 2132	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 2	LOW		2019/06/04	DDI RULE 2132	/vinfo/us/threat-encyclopedia/network/ddi-rule-2132
DDI RULE 2776	Possible XML External Entity Attack - HTTP (Response)	MEDIUM		2019/06/03	DDI RULE 2776	/vinfo/us/threat-encyclopedia/network/ddi-rule-2776
DDI RULE 2923	BLASQUI Webshell - HTTP (Request)	HIGH		2019/05/30	DDI RULE 2923	/vinfo/us/threat-encyclopedia/network/ddi-rule-2923
DDI RULE 2920	JNAP Information Disclosure Attempt - HTTP (Request)	MEDIUM		2019/05/29	DDI RULE 2920	/vinfo/us/threat-encyclopedia/network/ddi-rule-2920
DDI RULE 2770	Possible XML Information Disclosure - HTTP (Response)	HIGH		2019/05/21	DDI RULE 2770	/vinfo/us/threat-encyclopedia/network/ddi-rule-2770
DDI RULE 2912	CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request)	MEDIUM		2019/05/20	DDI RULE 2912	/vinfo/us/threat-encyclopedia/network/ddi-rule-2912
DDI RULE 2915	ASLIROR - HTTP (Request)	HIGH		2019/05/20	DDI RULE 2915	/vinfo/us/threat-encyclopedia/network/ddi-rule-2915
DDI RULE 2916	FUNARECHBOT - TCP (Request)	HIGH		2019/05/20	DDI RULE 2916	/vinfo/us/threat-encyclopedia/network/ddi-rule-2916
DDI RULE 2911	HYPERSHELL - WEBSHELL - HTTP (Request)	HIGH		2019/05/15	DDI RULE 2911	/vinfo/us/threat-encyclopedia/network/ddi-rule-2911
DDI RULE 2877	CVE-2019-0232 Apache Tomcat RCE - HTTP (Request)	HIGH		2019/05/15	DDI RULE 2877	/vinfo/us/threat-encyclopedia/network/ddi-rule-2877
DDI RULE 2908	CVE-2018-16509 GHOSTSCRIPT UNAUTHENTICATED - HTTP (Request)	HIGH		2019/05/13	DDI RULE 2908	/vinfo/us/threat-encyclopedia/network/ddi-rule-2908
DDI RULE 2071	CERBER - Ransomware - UDP	HIGH		2019/05/13	DDI RULE 2071	/vinfo/us/threat-encyclopedia/network/ddi-rule-2071
DDI RULE 2904	Possible IE Exploit - HTTP (Response) - Variant 5	HIGH		2019/05/09	DDI RULE 2904	/vinfo/us/threat-encyclopedia/network/ddi-rule-2904
DDI RULE 2905	Possible IE Exploit - HTTP (Response) - Variant 6	HIGH		2019/05/09	DDI RULE 2905	/vinfo/us/threat-encyclopedia/network/ddi-rule-2905
DDI RULE 2901	CVE-2014-0160 Malformed Heartbeat - SSL (Response) - Variant 2	MEDIUM		2019/05/08	DDI RULE 2901	/vinfo/us/threat-encyclopedia/network/ddi-rule-2901
DDI RULE 2902	SAP Gateway Remote Code Execution Exploit - TCP	MEDIUM		2019/05/08	DDI RULE 2902	/vinfo/us/threat-encyclopedia/network/ddi-rule-2902
DDI RULE 2900	Possible PNG Exploit - HTTP (Request)	MEDIUM		2019/05/07	DDI RULE 2900	/vinfo/us/threat-encyclopedia/network/ddi-rule-2900
DDI RULE 1879	Possible COREBOT DNS Response	MEDIUM		2019/05/07	DDI RULE 1879	/vinfo/us/threat-encyclopedia/network/ddi-rule-1879
DDI RULE 2892	NAMECOIN - HTTP (Request)	HIGH		2019/05/02	DDI RULE 2892	/vinfo/us/threat-encyclopedia/network/ddi-rule-2892
DDI RULE 2890	INFOSTEAL - HTTP (Request) - Variant 5	HIGH		2019/04/30	DDI RULE 2890	/vinfo/us/threat-encyclopedia/network/ddi-rule-2890
DDI RULE 2888	FASTJSON Deserialization Exploit - HTTP (Request)	HIGH		2019/04/25	DDI RULE 2888	/vinfo/us/threat-encyclopedia/network/ddi-rule-2888
DDI RULE 29	Unregistered sender and recipient domains - Email	LOW		2019/04/24	DDI RULE 29	/vinfo/us/threat-encyclopedia/network/ddi-rule-29
DDI RULE 2878	APT - POORWEB - HTTP (Request)	HIGH		2019/04/23	DDI RULE 2878	/vinfo/us/threat-encyclopedia/network/ddi-rule-2878
DDI RULE 2879	IIS - SCANNER - HTTP (Request)	MEDIUM		2019/04/22	DDI RULE 2879	/vinfo/us/threat-encyclopedia/network/ddi-rule-2879
DDI RULE 2342	IMEIJ - TCP	HIGH		2019/04/18	DDI RULE 2342	/vinfo/us/threat-encyclopedia/network/ddi-rule-2342
DDI RULE 2875	CVE-2011-1966 DNS NAPTR QUERY EXPLOIT - DNS (Response)	HIGH		2019/04/17	DDI RULE 2875	/vinfo/us/threat-encyclopedia/network/ddi-rule-2875
DDI RULE 2876	PCASTLE - HTTP (Response)	HIGH		2019/04/17	DDI RULE 2876	/vinfo/us/threat-encyclopedia/network/ddi-rule-2876
DDI RULE 2600	CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request)	HIGH		2019/04/16	DDI RULE 2600	/vinfo/us/threat-encyclopedia/network/ddi-rule-2600
DDI RULE 2872	XWO - Backdoor - HTTP (Request)	HIGH		2019/04/11	DDI RULE 2872	/vinfo/us/threat-encyclopedia/network/ddi-rule-2872
DDI RULE 2873	THINKPHP SQL INJECT Exploit - HTTP (Request)	HIGH		2019/04/10	DDI RULE 2873	/vinfo/us/threat-encyclopedia/network/ddi-rule-2873
DDI RULE 2869	CANITMUP - HTTP (Request)	HIGH		2019/04/10	DDI RULE 2869	/vinfo/us/threat-encyclopedia/network/ddi-rule-2869
DDI RULE 2870	IPCAMERA - EXPLOIT - RCE - HTTP (Request)	HIGH		2019/04/09	DDI RULE 2870	/vinfo/us/threat-encyclopedia/network/ddi-rule-2870
DDI RULE 2867	BELKIN Router - HTTP (Request) - Variant 2	HIGH		2019/04/09	DDI RULE 2867	/vinfo/us/threat-encyclopedia/network/ddi-rule-2867
DDI RULE 2868	ZTE Router - HTTP (Request) - Variant 2	HIGH		2019/04/09	DDI RULE 2868	/vinfo/us/threat-encyclopedia/network/ddi-rule-2868
DDI RULE 2526	NECURS - HTTP (Request) - Variant 2	HIGH		2019/04/09	DDI RULE 2526	/vinfo/us/threat-encyclopedia/network/ddi-rule-2526
DDI RULE 1645	Possible Self-Signed SSL certificate detected	MEDIUM		2019/04/09	DDI RULE 1645	/vinfo/us/threat-encyclopedia/network/ddi-rule-1645
DDI RULE 2865	CVE-2018-17173 LG Supersign Remote Code Execution - HTTP (Request)	HIGH		2019/04/08	DDI RULE 2865	/vinfo/us/threat-encyclopedia/network/ddi-rule-2865
DDI RULE 2866	MICASAVERDE VERALITE - Remote Code Execution - HTTP (Request)	HIGH		2019/04/08	DDI RULE 2866	/vinfo/us/threat-encyclopedia/network/ddi-rule-2866
DDI RULE 2816	PHP DIESCAN - HTTP (Request)	HIGH		2019/04/04	DDI RULE 2816	/vinfo/us/threat-encyclopedia/network/ddi-rule-2816
DDI RULE 2000	Metasploit(Payload) - Reverse DLL Inject - TCP (Response)	HIGH		2019/04/04	DDI RULE 2000	/vinfo/us/threat-encyclopedia/network/ddi-rule-2000
DDI RULE 2863	PHP DASHBOARD SQLINJECT - HTTP (Request)	HIGH		2019/04/03	DDI RULE 2863	/vinfo/us/threat-encyclopedia/network/ddi-rule-2863
DDI RULE 2864	CVE-2018-1149 NUUO NVRMini2 BufferOverflow - HTTP (Request)	HIGH		2019/04/03	DDI RULE 2864	/vinfo/us/threat-encyclopedia/network/ddi-rule-2864
DDI RULE 2860	Belking Wemo UPnP RCE Exploit - HTTP (Request)	HIGH		2019/04/02	DDI RULE 2860	/vinfo/us/threat-encyclopedia/network/ddi-rule-2860
DDI RULE 2862	MARSATORMIN - HTTP (Request)	HIGH		2019/03/28	DDI RULE 2862	/vinfo/us/threat-encyclopedia/network/ddi-rule-2862
DDI RULE 2859	Possible SPELEVO - Exploit Kit -HTTP (Response)	HIGH		2019/03/28	DDI RULE 2859	/vinfo/us/threat-encyclopedia/network/ddi-rule-2859
DDI RULE 2856	DLINK Command Injection Exploit - HTTP (Request) - Variant 3	HIGH		2019/03/28	DDI RULE 2856	/vinfo/us/threat-encyclopedia/network/ddi-rule-2856
DDI RULE 2853	NETGEAR DGN2200v1/v2/v3/v4 - CVE-2017-6334 - Remote Code Execution - HTTP (Request)	LOW		2019/03/27	DDI RULE 2853	/vinfo/us/threat-encyclopedia/network/ddi-rule-2853
DDI RULE 2854	LINKSYS_WRT110 - CVE-2013-3568 - Remote Code Execution - HTTP (Request)	LOW		2019/03/27	DDI RULE 2854	/vinfo/us/threat-encyclopedia/network/ddi-rule-2854
DDI RULE 2840	NETCOMMWIRELESS - CVE-2015-6023 - CVE-2015-6024 - Remote Code Execution - HTTP (Request)	LOW		2019/03/27	DDI RULE 2840	/vinfo/us/threat-encyclopedia/network/ddi-rule-2840
DDI RULE 2828	Zyxel - Remote Code Execution - HTTP (Request)	HIGH		2019/03/26	DDI RULE 2828	/vinfo/us/threat-encyclopedia/network/ddi-rule-2828
DDI RULE 2855	Netgear Prosafe RCE Exploit - HTTP (Request)	HIGH		2019/03/26	DDI RULE 2855	/vinfo/us/threat-encyclopedia/network/ddi-rule-2855
DDI RULE 2839	ZTE F460 F660 - Remote Code Execution - HTTP (Request)	HIGH		2019/03/26	DDI RULE 2839	/vinfo/us/threat-encyclopedia/network/ddi-rule-2839
DDI RULE 2857	DLINK 930L RCE EXPLOIT - HTTP (Request)	HIGH		2019/03/26	DDI RULE 2857	/vinfo/us/threat-encyclopedia/network/ddi-rule-2857
DDI RULE 2852	DOC File downloaded in root directory - HTTP (Response)	HIGH		2019/03/20	DDI RULE 2852	/vinfo/us/threat-encyclopedia/network/ddi-rule-2852
DDI RULE 2829	Zyxel - Command Injection - HTTP (Request)	HIGH		2019/03/20	DDI RULE 2829	/vinfo/us/threat-encyclopedia/network/ddi-rule-2829
DDI RULE 2830	Billion-5200W-T - Command Injection - HTTP (Request)	HIGH		2019/03/20	DDI RULE 2830	/vinfo/us/threat-encyclopedia/network/ddi-rule-2830
DDI RULE 2831	Billion 5200W-T - Remote Code Execution - HTTP (Request) - Variant 2	HIGH		2019/03/20	DDI RULE 2831	/vinfo/us/threat-encyclopedia/network/ddi-rule-2831
DDI RULE 2841	3COM - Remote Code Execution - HTTP (Request)	HIGH		2019/03/20	DDI RULE 2841	/vinfo/us/threat-encyclopedia/network/ddi-rule-2841
DDI RULE 1631	Remote Schedule Tasks through SMB protocol detected - Create Command	LOW		2019/03/20	DDI RULE 1631	/vinfo/us/threat-encyclopedia/network/ddi-rule-1631
DDI RULE 1632	Remote Schedule Tasks through SMB protocol detected - Run Command	LOW		2019/03/20	DDI RULE 1632	/vinfo/us/threat-encyclopedia/network/ddi-rule-1632
DDI RULE 1633	Remote Schedule Tasks through SMB protocol detected - Delete Command	LOW		2019/03/20	DDI RULE 1633	/vinfo/us/threat-encyclopedia/network/ddi-rule-1633
DDI RULE 1763	STRPADT - HTTP (Request)	HIGH		2019/03/19	DDI RULE 1763	/vinfo/us/threat-encyclopedia/network/ddi-rule-1763
DDI RULE 2849	CVE-2019-9194-HTTP RCE - ELFINDER (Request)	HIGH		2019/03/19	DDI RULE 2849	/vinfo/us/threat-encyclopedia/network/ddi-rule-2849
DDI RULE 2850	CHWRITER - HTTP (Request)	HIGH		2019/03/19	DDI RULE 2850	/vinfo/us/threat-encyclopedia/network/ddi-rule-2850
DDI RULE 2851	MAKO WEB SERVER - Command Injection - HTTP (Request)	HIGH		2019/03/19	DDI RULE 2851	/vinfo/us/threat-encyclopedia/network/ddi-rule-2851
DDI RULE 2710	FLAWEDAMMYY - TCP (Request)	HIGH		2019/03/18	DDI RULE 2710	/vinfo/us/threat-encyclopedia/network/ddi-rule-2710
DDI RULE 2400	Remote Enumerate Registry through SMB protocol detected	LOW		2019/03/18	DDI RULE 2400	/vinfo/us/threat-encyclopedia/network/ddi-rule-2400
DDI RULE 2401	Remote Read Registry through SMB protocol detected	LOW		2019/03/18	DDI RULE 2401	/vinfo/us/threat-encyclopedia/network/ddi-rule-2401
DDI RULE 2415	Remote Delete Registry through SMB protocol detected	LOW		2019/03/18	DDI RULE 2415	/vinfo/us/threat-encyclopedia/network/ddi-rule-2415
DDI RULE 2068	DRIDEX - SSL (Request)	HIGH		2019/03/13	DDI RULE 2068	/vinfo/us/threat-encyclopedia/network/ddi-rule-2068
DDI RULE 2848	INFOSTEAL - HTTP (Request) - Variant 4	HIGH		2019/03/13	DDI RULE 2848	/vinfo/us/threat-encyclopedia/network/ddi-rule-2848
DDI RULE 2834	CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request)	HIGH		2019/03/12	DDI RULE 2834	/vinfo/us/threat-encyclopedia/network/ddi-rule-2834
DDI RULE 2780	TRICKBOT - HTTP (Request)	HIGH		2019/03/12	DDI RULE 2780	/vinfo/us/threat-encyclopedia/network/ddi-rule-2780
DDI RULE 2844	RIG - Exploit Kit - HTTP (Request) - Variant 2	HIGH		2019/03/11	DDI RULE 2844	/vinfo/us/threat-encyclopedia/network/ddi-rule-2844
DDI RULE 2847	INFOSTEAL - FTP (Request)	HIGH		2019/03/11	DDI RULE 2847	/vinfo/us/threat-encyclopedia/network/ddi-rule-2847
DDI RULE 2408	Remote Enumerate Job through SMB protocol detected	LOW		2019/03/11	DDI RULE 2408	/vinfo/us/threat-encyclopedia/network/ddi-rule-2408
DDI RULE 2352	CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2	HIGH		2019/03/11	DDI RULE 2352	/vinfo/us/threat-encyclopedia/network/ddi-rule-2352
DDI RULE 1535	ZACOM - HTTP (Request)	HIGH		2019/03/11	DDI RULE 1535	/vinfo/us/threat-encyclopedia/network/ddi-rule-1535
DDI RULE 1195	Remote Add Job through SMB Protocol Detected	LOW		2019/03/11	DDI RULE 1195	/vinfo/us/threat-encyclopedia/network/ddi-rule-1195
DDI RULE 1196	Remote Delete Job through SMB Detected	MEDIUM		2019/03/11	DDI RULE 1196	/vinfo/us/threat-encyclopedia/network/ddi-rule-1196
DDI RULE 12	Archive file containing file with double extension	MEDIUM		2019/03/11	DDI RULE 12	/vinfo/us/threat-encyclopedia/network/ddi-rule-12
DDI RULE 2845	Possible PDF in Chrome Information Disclosure - HTTP (Request)	MEDIUM		2019/03/07	DDI RULE 2845	/vinfo/us/threat-encyclopedia/network/ddi-rule-2845
DDI RULE 2826	JBOSS Webshell - HTTP (Request)	HIGH		2019/03/06	DDI RULE 2826	/vinfo/us/threat-encyclopedia/network/ddi-rule-2826
DDI RULE 2819	FASTGATE - Command Injection - HTTP (Request)	HIGH		2019/03/06	DDI RULE 2819	/vinfo/us/threat-encyclopedia/network/ddi-rule-2819
DDI RULE 2814	JOOMLA - HTTP (Request)	HIGH		2019/03/05	DDI RULE 2814	/vinfo/us/threat-encyclopedia/network/ddi-rule-2814
DDI RULE 2791	EMPIRE - HTTP (Request) - Variant 2	MEDIUM		2019/03/05	DDI RULE 2791	/vinfo/us/threat-encyclopedia/network/ddi-rule-2791
DDI RULE 2836	CVE-2017-0171 - Denial of Service - DNS (Response)	MEDIUM		2019/03/05	DDI RULE 2836	/vinfo/us/threat-encyclopedia/network/ddi-rule-2836
DDI RULE 2837	CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)	MEDIUM		2019/03/05	DDI RULE 2837	/vinfo/us/threat-encyclopedia/network/ddi-rule-2837
DDI RULE 2842	CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request)	HIGH		2019/03/05	DDI RULE 2842	/vinfo/us/threat-encyclopedia/network/ddi-rule-2842
DDI RULE 2843	ZHONE XSS Exploit - HTTP (Request)	HIGH		2019/03/05	DDI RULE 2843	/vinfo/us/threat-encyclopedia/network/ddi-rule-2843
DDI RULE 2838	SPEAKUP - HTTP (Request)	HIGH		2019/03/04	DDI RULE 2838	/vinfo/us/threat-encyclopedia/network/ddi-rule-2838
DDI RULE 2835	CVE-2016-3088 ACTIVEMQ - HTTP (Request)	HIGH		2019/03/04	DDI RULE 2835	/vinfo/us/threat-encyclopedia/network/ddi-rule-2835
DDI RULE 2833	CVE-2019-6340 Drupal 8 RESTful Web Services Remote Code Execution - HTTP (Request)	HIGH		2019/03/04	DDI RULE 2833	/vinfo/us/threat-encyclopedia/network/ddi-rule-2833
DDI RULE 2806	CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request)	HIGH		2019/03/04	DDI RULE 2806	/vinfo/us/threat-encyclopedia/network/ddi-rule-2806
DDI RULE 2820	Hootoo HT5 Remote code Execution - HTTP (Request)	HIGH		2019/03/04	DDI RULE 2820	/vinfo/us/threat-encyclopedia/network/ddi-rule-2820
DDI RULE 2823	CKNIFE - HTTP (Request) - Variant 2	HIGH		2019/02/21	DDI RULE 2823	/vinfo/us/threat-encyclopedia/network/ddi-rule-2823
DDI RULE 2824	CVE-2015-2280 AirLink OS Command Injection - HTTP (Request)	HIGH		2019/02/21	DDI RULE 2824	/vinfo/us/threat-encyclopedia/network/ddi-rule-2824
DDI RULE 2822	RATBLAMIK - TCP (Request)	HIGH		2019/02/20	DDI RULE 2822	/vinfo/us/threat-encyclopedia/network/ddi-rule-2822
DDI RULE 2821	NEUTRINO - HTTP (Response)	MEDIUM		2019/02/19	DDI RULE 2821	/vinfo/us/threat-encyclopedia/network/ddi-rule-2821
DDI RULE 2385	SOAP RCE EXPLOIT - HTTP (Request)	HIGH		2019/02/14	DDI RULE 2385	/vinfo/us/threat-encyclopedia/network/ddi-rule-2385
DDI RULE 2224	Covert Iodine tunnel - DNS (Request)	LOW		2019/02/12	DDI RULE 2224	/vinfo/us/threat-encyclopedia/network/ddi-rule-2224
DDI RULE 2795	Unauthorized Write Request - DNP3 (Request)	LOW		2019/02/11	DDI RULE 2795	/vinfo/us/threat-encyclopedia/network/ddi-rule-2795
DDI RULE 2796	Unauthorized Broadcast Request - DNP3 (Request)	LOW		2019/02/11	DDI RULE 2796	/vinfo/us/threat-encyclopedia/network/ddi-rule-2796
DDI RULE 2797	Possible Denial of Service - DNP3 (Request)	LOW		2019/02/11	DDI RULE 2797	/vinfo/us/threat-encyclopedia/network/ddi-rule-2797
DDI RULE 2798	Unauthorized Read Request - DNP3 (Request)	LOW		2019/02/11	DDI RULE 2798	/vinfo/us/threat-encyclopedia/network/ddi-rule-2798
DDI RULE 2799	Possible Scan of Points List - DNP3 (Response) Beta	LOW		2019/02/11	DDI RULE 2799	/vinfo/us/threat-encyclopedia/network/ddi-rule-2799
DDI RULE 28	Unregistered service running on non-standard port	LOW		2019/02/11	DDI RULE 28	/vinfo/us/threat-encyclopedia/network/ddi-rule-28
DDI RULE 2800	Possible Scan of Outstation - DNP3 (Response) Beta	LOW		2019/02/11	DDI RULE 2800	/vinfo/us/threat-encyclopedia/network/ddi-rule-2800
DDI RULE 2801	Multiple Unsolicited Response - DNP3 (Response) Beta	LOW		2019/02/11	DDI RULE 2801	/vinfo/us/threat-encyclopedia/network/ddi-rule-2801
DDI RULE 2810	CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request)	MEDIUM		2019/02/07	DDI RULE 2810	/vinfo/us/threat-encyclopedia/network/ddi-rule-2810
DDI RULE 2807	TEAMFOSTEALER - HTTP (Request)	HIGH		2019/02/07	DDI RULE 2807	/vinfo/us/threat-encyclopedia/network/ddi-rule-2807
DDI RULE 2812	CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Request)	MEDIUM		2019/02/07	DDI RULE 2812	/vinfo/us/threat-encyclopedia/network/ddi-rule-2812
DDI RULE 2813	CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Response)	HIGH		2019/02/07	DDI RULE 2813	/vinfo/us/threat-encyclopedia/network/ddi-rule-2813
DDI RULE 2209	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 5	MEDIUM		2019/02/06	DDI RULE 2209	/vinfo/us/threat-encyclopedia/network/ddi-rule-2209
DDI RULE 1562	DARKHOLE - HTTP (Request) - Variant 2	HIGH		2019/02/06	DDI RULE 1562	/vinfo/us/threat-encyclopedia/network/ddi-rule-1562
DDI RULE 2817	KEYPATH Command Injection - HTTP (Request)	HIGH		2019/02/05	DDI RULE 2817	/vinfo/us/threat-encyclopedia/network/ddi-rule-2817
DDI RULE 2818	SERVHELPER - HTTP (Request)	HIGH		2019/02/05	DDI RULE 2818	/vinfo/us/threat-encyclopedia/network/ddi-rule-2818
DDI RULE 2815	SIEREN - TCP(Request)	HIGH		2019/01/31	DDI RULE 2815	/vinfo/us/threat-encyclopedia/network/ddi-rule-2815
DDI RULE 2306	KVNDM - HTTP (Request)	HIGH		2019/01/30	DDI RULE 2306	/vinfo/us/threat-encyclopedia/network/ddi-rule-2306
DDI RULE 2808	FALLOUT - Exploit Kit - HTTP (Response) - Variant 3	MEDIUM		2019/01/29	DDI RULE 2808	/vinfo/us/threat-encyclopedia/network/ddi-rule-2808
DDI RULE 2802	Oracle Weblogic Exploit - HTTP (Request)	HIGH		2019/01/23	DDI RULE 2802	/vinfo/us/threat-encyclopedia/network/ddi-rule-2802
DDI RULE 2803	Link-Net LW-N605R Remote Code Execution Exploit - HTTP (Request)	HIGH		2019/01/23	DDI RULE 2803	/vinfo/us/threat-encyclopedia/network/ddi-rule-2803
DDI RULE 2804	Possible Router Exploit Kit - HTTP (Response)	HIGH		2019/01/23	DDI RULE 2804	/vinfo/us/threat-encyclopedia/network/ddi-rule-2804
DDI RULE 2805	CVE-2019-0547 Client Remote Code Execution Exploit - DHCP (Response)	MEDIUM		2019/01/23	DDI RULE 2805	/vinfo/us/threat-encyclopedia/network/ddi-rule-2805
DDI RULE 1871	DRIDEX - HTTP (Request) - Variant 3	HIGH		2019/01/23	DDI RULE 1871	/vinfo/us/threat-encyclopedia/network/ddi-rule-1871
DDI RULE 2143	SQLINJECT - HTTP (Request)	LOW		2019/01/22	DDI RULE 2143	/vinfo/us/threat-encyclopedia/network/ddi-rule-2143
DDI RULE 2793	APT - WINNTI - HTTP (Response)	HIGH		2019/01/21	DDI RULE 2793	/vinfo/us/threat-encyclopedia/network/ddi-rule-2793
DDI RULE 2794	RIG - Exploit Kit - HTTP (Request) - Variant 7	HIGH		2019/01/17	DDI RULE 2794	/vinfo/us/threat-encyclopedia/network/ddi-rule-2794
DDI RULE 2520	MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4	HIGH		2019/01/17	DDI RULE 2520	/vinfo/us/threat-encyclopedia/network/ddi-rule-2520
DDI RULE 1549	APT - WINNTI - HTTP (Request)	HIGH		2019/01/14	DDI RULE 1549	/vinfo/us/threat-encyclopedia/network/ddi-rule-1549
DDI RULE 2792	APT - KONNI - HTTP (Request)	HIGH		2019/01/09	DDI RULE 2792	/vinfo/us/threat-encyclopedia/network/ddi-rule-2792
DDI RULE 2144	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 3	MEDIUM		2019/01/03	DDI RULE 2144	/vinfo/us/threat-encyclopedia/network/ddi-rule-2144
DDI RULE 2789	CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response)	MEDIUM		2018/12/27	DDI RULE 2789	/vinfo/us/threat-encyclopedia/network/ddi-rule-2789
DDI RULE 2790	APT - WILDPOSITRON - HTTP (Request)	HIGH		2018/12/26	DDI RULE 2790	/vinfo/us/threat-encyclopedia/network/ddi-rule-2790
DDI RULE 1229	ALINA HTTP request - Variant 1	HIGH		2018/12/26	DDI RULE 1229	/vinfo/us/threat-encyclopedia/network/ddi-rule-1229
DDI RULE 2787	CRISISHT - HTTP (Request)	MEDIUM		2018/12/20	DDI RULE 2787	/vinfo/us/threat-encyclopedia/network/ddi-rule-2787
DDI RULE 2788	CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request)	MEDIUM		2018/12/20	DDI RULE 2788	/vinfo/us/threat-encyclopedia/network/ddi-rule-2788
DDI RULE 2784	Ncrack/Hydra Brute Force Tool - RDP(Request)	HIGH		2018/12/19	DDI RULE 2784	/vinfo/us/threat-encyclopedia/network/ddi-rule-2784
DDI RULE 2785	L0RDIX - HTTP (Request)	MEDIUM		2018/12/18	DDI RULE 2785	/vinfo/us/threat-encyclopedia/network/ddi-rule-2785
DDI RULE 2397	STONEDRILL - HTTP (Request) - Variant 2	HIGH		2018/12/18	DDI RULE 2397	/vinfo/us/threat-encyclopedia/network/ddi-rule-2397
DDI RULE 2779	DNSpoinage DNS - (Response)	HIGH		2018/12/12	DDI RULE 2779	/vinfo/us/threat-encyclopedia/network/ddi-rule-2779
DDI RULE 2782	TILDEB - TCP (Request)	MEDIUM		2018/12/11	DDI RULE 2782	/vinfo/us/threat-encyclopedia/network/ddi-rule-2782
DDI RULE 2081	CRYPTEAR - Ransomware - HTTP (Request)	HIGH		2018/12/11	DDI RULE 2081	/vinfo/us/threat-encyclopedia/network/ddi-rule-2081
DDI RULE 2418	Suspicious file rename - SMB (Request)	HIGH		2018/12/04	DDI RULE 2418	/vinfo/us/threat-encyclopedia/network/ddi-rule-2418
DDI RULE 2420	Shodan Internet Scan - Malware Hunter C&C Server Scan	LOW		2018/12/04	DDI RULE 2420	/vinfo/us/threat-encyclopedia/network/ddi-rule-2420
DDI RULE 2421	Shodan Internet Scan - Possible Exposed Device/Service	LOW		2018/12/04	DDI RULE 2421	/vinfo/us/threat-encyclopedia/network/ddi-rule-2421
DDI RULE 2442	Possible PsExec PETYA - Ransomware - SMB	MEDIUM		2018/12/04	DDI RULE 2442	/vinfo/us/threat-encyclopedia/network/ddi-rule-2442
DDI RULE 1214	BAYROB - HTTP (Request)	MEDIUM		2018/11/28	DDI RULE 1214	/vinfo/us/threat-encyclopedia/network/ddi-rule-1214
DDI RULE 2731	KAIXIN - Exploit Kit - HTTP (Response) - Variant 5	HIGH		2018/11/22	DDI RULE 2731	/vinfo/us/threat-encyclopedia/network/ddi-rule-2731
DDI RULE 2775	DOCKER API - HTTP (Request)	HIGH		2018/11/21	DDI RULE 2775	/vinfo/us/threat-encyclopedia/network/ddi-rule-2775
DDI RULE 2777	Apache Struts File Upload - HTTP (Request)	HIGH		2018/11/21	DDI RULE 2777	/vinfo/us/threat-encyclopedia/network/ddi-rule-2777
DDI RULE 2778	ZTE ZXV10 Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/11/21	DDI RULE 2778	/vinfo/us/threat-encyclopedia/network/ddi-rule-2778
DDI RULE 2621	Remote Code Execution - HTTP (Request)	HIGH		2018/11/21	DDI RULE 2621	/vinfo/us/threat-encyclopedia/network/ddi-rule-2621
DDI RULE 2494	APT - ANEL - HTTP (Request)	HIGH		2018/11/20	DDI RULE 2494	/vinfo/us/threat-encyclopedia/network/ddi-rule-2494
DDI RULE 2771	APT - POISONIVY - HTTP (Request)	HIGH		2018/11/20	DDI RULE 2771	/vinfo/us/threat-encyclopedia/network/ddi-rule-2771
DDI RULE 2772	APT - GHOST - TCP (Request)	HIGH		2018/11/20	DDI RULE 2772	/vinfo/us/threat-encyclopedia/network/ddi-rule-2772
DDI RULE 2774	APT - POWLOADR - HTTP (Request)	HIGH		2018/11/20	DDI RULE 2774	/vinfo/us/threat-encyclopedia/network/ddi-rule-2774
DDI RULE 2713	AVTECH Command Injection Exploit - HTTP (Request)	HIGH		2018/11/20	DDI RULE 2713	/vinfo/us/threat-encyclopedia/network/ddi-rule-2713
DDI RULE 2474	APT - PLEAD - TCP (Request)	HIGH		2018/11/20	DDI RULE 2474	/vinfo/us/threat-encyclopedia/network/ddi-rule-2474
DDI RULE 2716	BINBASH Download - HTTP (Response)	HIGH		2018/11/12	DDI RULE 2716	/vinfo/us/threat-encyclopedia/network/ddi-rule-2716
DDI RULE 2765	GZ Inflate in PHP File - HTTP (Response)	LOW		2018/11/12	DDI RULE 2765	/vinfo/us/threat-encyclopedia/network/ddi-rule-2765
DDI RULE 2766	Possible WINBOX Remote Code Execution - TCP	MEDIUM		2018/11/12	DDI RULE 2766	/vinfo/us/threat-encyclopedia/network/ddi-rule-2766
DDI RULE 2767	Window Shell Remote Code Execution - HTTP (Response)	HIGH		2018/11/12	DDI RULE 2767	/vinfo/us/threat-encyclopedia/network/ddi-rule-2767
DDI RULE 2768	DLINK Router Dns Changer Exploit - HTTP (Request)	HIGH		2018/11/12	DDI RULE 2768	/vinfo/us/threat-encyclopedia/network/ddi-rule-2768
DDI RULE 277	AUTORUN - HTTP (Response) - Variant 2	HIGH		2018/11/12	DDI RULE 277	/vinfo/us/threat-encyclopedia/network/ddi-rule-277
DDI RULE 2764	Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response)	MEDIUM		2018/11/08	DDI RULE 2764	/vinfo/us/threat-encyclopedia/network/ddi-rule-2764
DDI RULE 2763	Possible CVE-2018-15454 - Cisco ASA and FTD Software DOS - UDP (Response)	LOW		2018/11/07	DDI RULE 2763	/vinfo/us/threat-encyclopedia/network/ddi-rule-2763
DDI RULE 2762	CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request)	HIGH		2018/11/06	DDI RULE 2762	/vinfo/us/threat-encyclopedia/network/ddi-rule-2762
DDI RULE 2756	Possible ADWIND - Malicious Certificate - HTTPS (Response)	LOW		2018/11/06	DDI RULE 2756	/vinfo/us/threat-encyclopedia/network/ddi-rule-2756
DDI RULE 2007	URSNIF - HTTP (Request) - Variant 3	HIGH		2018/11/06	DDI RULE 2007	/vinfo/us/threat-encyclopedia/network/ddi-rule-2007
DDI RULE 2759	UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2	HIGH		2018/10/30	DDI RULE 2759	/vinfo/us/threat-encyclopedia/network/ddi-rule-2759
DDI RULE 2760	DRIDEX - Malicious certificate - SSL - Variant 2	HIGH		2018/10/30	DDI RULE 2760	/vinfo/us/threat-encyclopedia/network/ddi-rule-2760
DDI RULE 2761	URSNIF - HTTP (Request) - Variant 6	HIGH		2018/10/30	DDI RULE 2761	/vinfo/us/threat-encyclopedia/network/ddi-rule-2761
DDI RULE 2632	GRAVITYRAT - HTTP (Request)	HIGH		2018/10/29	DDI RULE 2632	/vinfo/us/threat-encyclopedia/network/ddi-rule-2632
DDI RULE 1170	ANDROMEDA - HTTP (Request)	HIGH		2018/10/25	DDI RULE 1170	/vinfo/us/threat-encyclopedia/network/ddi-rule-1170
DDI RULE 2757	ELF File requested from root directory - HTTP (Response)	HIGH		2018/10/22	DDI RULE 2757	/vinfo/us/threat-encyclopedia/network/ddi-rule-2757
DDI RULE 2758	GZ File requested from root directory - HTTP (Request)	HIGH		2018/10/22	DDI RULE 2758	/vinfo/us/threat-encyclopedia/network/ddi-rule-2758
DDI RULE 2724	CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response)	MEDIUM		2018/10/08	DDI RULE 2724	/vinfo/us/threat-encyclopedia/network/ddi-rule-2724
DDI RULE 2726	CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request)	HIGH		2018/10/04	DDI RULE 2726	/vinfo/us/threat-encyclopedia/network/ddi-rule-2726
DDI RULE 2754	EnGenius EnShare Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/10/03	DDI RULE 2754	/vinfo/us/threat-encyclopedia/network/ddi-rule-2754
DDI RULE 2755	CVE-2017-6884 Zyxel OS Command Injection Exploit - HTTP (Request)	MEDIUM		2018/10/03	DDI RULE 2755	/vinfo/us/threat-encyclopedia/network/ddi-rule-2755
DDI RULE 2692	LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/10/03	DDI RULE 2692	/vinfo/us/threat-encyclopedia/network/ddi-rule-2692
DDI RULE 2544	JAWS Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/10/03	DDI RULE 2544	/vinfo/us/threat-encyclopedia/network/ddi-rule-2544
DDI RULE 2723	MAGNITUDE - Exploit Kit - HTTP (Response)	HIGH		2018/10/02	DDI RULE 2723	/vinfo/us/threat-encyclopedia/network/ddi-rule-2723
DDI RULE 2753	FALLOUT - Exploit Kit - HTTP (Request)	MEDIUM		2018/10/01	DDI RULE 2753	/vinfo/us/threat-encyclopedia/network/ddi-rule-2753
DDI RULE 2623	Remote Code Execution - HTTP (Request) - Variant 2	HIGH		2018/10/01	DDI RULE 2623	/vinfo/us/threat-encyclopedia/network/ddi-rule-2623
DDI RULE 2749	Possible IE Exploit - HTTP (Response) - Variant 4	LOW		2018/09/27	DDI RULE 2749	/vinfo/us/threat-encyclopedia/network/ddi-rule-2749
DDI RULE 2750	CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/09/27	DDI RULE 2750	/vinfo/us/threat-encyclopedia/network/ddi-rule-2750
DDI RULE 2751	Remote Command Shell - TCP	HIGH		2018/09/27	DDI RULE 2751	/vinfo/us/threat-encyclopedia/network/ddi-rule-2751
DDI RULE 2752	Remote PowerShell - TCP	HIGH		2018/09/27	DDI RULE 2752	/vinfo/us/threat-encyclopedia/network/ddi-rule-2752
DDI RULE 2736	ANTAK Webshell - HTTP (Request)	MEDIUM		2018/09/27	DDI RULE 2736	/vinfo/us/threat-encyclopedia/network/ddi-rule-2736
DDI RULE 2734	TUNNA Webshell - HTTP (Request)	LOW		2018/09/24	DDI RULE 2734	/vinfo/us/threat-encyclopedia/network/ddi-rule-2734
DDI RULE 2735	TUNNA Webshell - HTTP (Request) - Variant 2	MEDIUM		2018/09/24	DDI RULE 2735	/vinfo/us/threat-encyclopedia/network/ddi-rule-2735
DDI RULE 2728	NUUO Command Injection - HTTP (Request)	HIGH		2018/09/17	DDI RULE 2728	/vinfo/us/threat-encyclopedia/network/ddi-rule-2728
DDI RULE 2746	BLUEBANANA - TCP (Request)	HIGH		2018/09/13	DDI RULE 2746	/vinfo/us/threat-encyclopedia/network/ddi-rule-2746
DDI RULE 2747	IE Exploit - HTTP (Response)	HIGH		2018/09/13	DDI RULE 2747	/vinfo/us/threat-encyclopedia/network/ddi-rule-2747
DDI RULE 2748	Possible IE Exploit - HTTP (Response) - Variant 3	LOW		2018/09/13	DDI RULE 2748	/vinfo/us/threat-encyclopedia/network/ddi-rule-2748
DDI RULE 2745	CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request)	HIGH		2018/09/12	DDI RULE 2745	/vinfo/us/threat-encyclopedia/network/ddi-rule-2745
DDI RULE 2732	CVE-2009-3103 - Remote Code Execution - SMB2	HIGH		2018/09/04	DDI RULE 2732	/vinfo/us/threat-encyclopedia/network/ddi-rule-2732
DDI RULE 2167	ALFA - Ransomware - HTTP (Request)	HIGH		2018/09/04	DDI RULE 2167	/vinfo/us/threat-encyclopedia/network/ddi-rule-2167
DDI RULE 2714	KAIXIN - Exploit Kit - HTTP (Request) - Variant 2	HIGH		2018/09/03	DDI RULE 2714	/vinfo/us/threat-encyclopedia/network/ddi-rule-2714
DDI RULE 2730	OMRON FINS TCP Read Controller Attempt NSE - TCP (Request)	LOW		2018/08/30	DDI RULE 2730	/vinfo/us/threat-encyclopedia/network/ddi-rule-2730
DDI RULE 475	PALEVO - UDP - Variant 2	MEDIUM		2018/08/30	DDI RULE 475	/vinfo/us/threat-encyclopedia/network/ddi-rule-475
DDI RULE 48	Query of a non-trusted domain mail exchanger using the host's DNS A record	LOW		2018/08/30	DDI RULE 48	/vinfo/us/threat-encyclopedia/network/ddi-rule-48
DDI RULE 49	Session using standard port - IRC	LOW		2018/08/30	DDI RULE 49	/vinfo/us/threat-encyclopedia/network/ddi-rule-49
DDI RULE 5	Executable file name with multiple consecutive spaces	HIGH		2018/08/30	DDI RULE 5	/vinfo/us/threat-encyclopedia/network/ddi-rule-5
DDI RULE 50	Host DNS MX record query of a trusted domain	LOW		2018/08/30	DDI RULE 50	/vinfo/us/threat-encyclopedia/network/ddi-rule-50
DDI RULE 51	Malware-related subject and executable file - Email	LOW		2018/08/30	DDI RULE 51	/vinfo/us/threat-encyclopedia/network/ddi-rule-51
DDI RULE 52	Unregistered mail server - Email	LOW		2018/08/30	DDI RULE 52	/vinfo/us/threat-encyclopedia/network/ddi-rule-52
DDI RULE 54	Archive file containing packed executable file - Email	HIGH		2018/08/30	DDI RULE 54	/vinfo/us/threat-encyclopedia/network/ddi-rule-54
DDI RULE 542	SYKIPOT - Server certificate - SSL	HIGH		2018/08/30	DDI RULE 542	/vinfo/us/threat-encyclopedia/network/ddi-rule-542
DDI RULE 55	File name with multiple consecutive spaces and executable extension	HIGH		2018/08/30	DDI RULE 55	/vinfo/us/threat-encyclopedia/network/ddi-rule-55
DDI RULE 2729	Possible IE Exploit - HTTP (Response) - Variant 2	LOW		2018/08/29	DDI RULE 2729	/vinfo/us/threat-encyclopedia/network/ddi-rule-2729
DDI RULE 2416	DETOXCRYPTO - Ransomware - HTTP (Request)	HIGH		2018/08/29	DDI RULE 2416	/vinfo/us/threat-encyclopedia/network/ddi-rule-2416
DDI RULE 2413	TRICKBOT - HTTP (Request)	HIGH		2018/08/29	DDI RULE 2413	/vinfo/us/threat-encyclopedia/network/ddi-rule-2413
DDI RULE 2011	UPATRE - HTTP (Request) - Variant 3	HIGH		2018/08/29	DDI RULE 2011	/vinfo/us/threat-encyclopedia/network/ddi-rule-2011
DDI RULE 2005	Possible EDELLROOT certificate detected	HIGH		2018/08/29	DDI RULE 2005	/vinfo/us/threat-encyclopedia/network/ddi-rule-2005
DDI RULE 1128	BANLOAD - HTTP (Request)	HIGH		2018/08/29	DDI RULE 1128	/vinfo/us/threat-encyclopedia/network/ddi-rule-1128
DDI RULE 1155	BITCOIN - HTTP (Request)	HIGH		2018/08/29	DDI RULE 1155	/vinfo/us/threat-encyclopedia/network/ddi-rule-1155
DDI RULE 1663	CRAZYK - HTTP (Request)	HIGH		2018/08/29	DDI RULE 1663	/vinfo/us/threat-encyclopedia/network/ddi-rule-1663
DDI RULE 2725	Reverse Meterpreter - HTTP (Response)	HIGH		2018/08/22	DDI RULE 2725	/vinfo/us/threat-encyclopedia/network/ddi-rule-2725
DDI RULE 2711	UNDERMINER - Exploit Kit - HTTP (Response)	HIGH		2018/08/22	DDI RULE 2711	/vinfo/us/threat-encyclopedia/network/ddi-rule-2711
DDI RULE 2698	APT - WATERHOLE - HTTP (Request) - Variant 2	HIGH		2018/08/22	DDI RULE 2698	/vinfo/us/threat-encyclopedia/network/ddi-rule-2698
DDI RULE 2672	CKNIFE - HTTP (Request)	HIGH		2018/08/22	DDI RULE 2672	/vinfo/us/threat-encyclopedia/network/ddi-rule-2672
DDI RULE 2690	JSPSPY Webshell - HTTP (Request)	HIGH		2018/08/20	DDI RULE 2690	/vinfo/us/threat-encyclopedia/network/ddi-rule-2690
DDI RULE 2676	PHP Webshell - HTTP (Request) - Variant 2	HIGH		2018/08/20	DDI RULE 2676	/vinfo/us/threat-encyclopedia/network/ddi-rule-2676
DDI RULE 27	Host DNS Mx record query of a non-trusted domain	LOW		2018/08/20	DDI RULE 27	/vinfo/us/threat-encyclopedia/network/ddi-rule-27
DDI RULE 2719	WebScript Injection - HTTP (Request)	MEDIUM		2018/08/13	DDI RULE 2719	/vinfo/us/threat-encyclopedia/network/ddi-rule-2719
DDI RULE 2720	CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request)	MEDIUM		2018/08/13	DDI RULE 2720	/vinfo/us/threat-encyclopedia/network/ddi-rule-2720
DDI RULE 1552	APT - HAVEX - HTTP (Request)	HIGH		2018/08/13	DDI RULE 1552	/vinfo/us/threat-encyclopedia/network/ddi-rule-1552
DDI RULE 1583	APT - HCOREPWSTL - HTTP (Request)	HIGH		2018/08/13	DDI RULE 1583	/vinfo/us/threat-encyclopedia/network/ddi-rule-1583
DDI RULE 1577	APT - PLUGX - HTTP (Request) - Variant 6	HIGH		2018/08/13	DDI RULE 1577	/vinfo/us/threat-encyclopedia/network/ddi-rule-1577
DDI RULE 1460	A privileged user account attempted to log on to the Remote Desktop server during non-working hours	HIGH		2018/08/13	DDI RULE 1460	/vinfo/us/threat-encyclopedia/network/ddi-rule-1460
DDI RULE 1347	APT - Possible SIMBOT - HTTP (Request) - Variant 3	MEDIUM		2018/08/13	DDI RULE 1347	/vinfo/us/threat-encyclopedia/network/ddi-rule-1347
DDI RULE 1415	APT - Possible POISONIVY - TCP (Request)	MEDIUM		2018/08/13	DDI RULE 1415	/vinfo/us/threat-encyclopedia/network/ddi-rule-1415
DDI RULE 272	AUTORUN - HTTP (Request) - Variant 6	HIGH		2018/08/09	DDI RULE 272	/vinfo/us/threat-encyclopedia/network/ddi-rule-272
DDI RULE 2717	KAIXIN - Exploit Kit - HTTP (Request) - Variant 3	HIGH		2018/08/09	DDI RULE 2717	/vinfo/us/threat-encyclopedia/network/ddi-rule-2717
DDI RULE 2718	S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request)	LOW		2018/08/09	DDI RULE 2718	/vinfo/us/threat-encyclopedia/network/ddi-rule-2718
DDI RULE 2715	MINER CONFIG - HTTP (Response)	HIGH		2018/08/07	DDI RULE 2715	/vinfo/us/threat-encyclopedia/network/ddi-rule-2715
DDI RULE 2429	EQUATED - Exploit Attempt - SMB (Response)	HIGH		2018/08/07	DDI RULE 2429	/vinfo/us/threat-encyclopedia/network/ddi-rule-2429
DDI RULE 2384	Possible EQUATED - Remote Code Execution - SMB (Request)	LOW		2018/08/07	DDI RULE 2384	/vinfo/us/threat-encyclopedia/network/ddi-rule-2384
DDI RULE 2390	EQUATED - SMB (Response)	HIGH		2018/08/07	DDI RULE 2390	/vinfo/us/threat-encyclopedia/network/ddi-rule-2390
DDI RULE 1087	APT - FASWIK - TCP (Request)	HIGH		2018/08/06	DDI RULE 1087	/vinfo/us/threat-encyclopedia/network/ddi-rule-1087
DDI RULE 1069	APT - Possible GHOSTRAT - TCP	MEDIUM		2018/08/06	DDI RULE 1069	/vinfo/us/threat-encyclopedia/network/ddi-rule-1069
DDI RULE 1076	file dropped on a network administrative share	LOW		2018/08/06	DDI RULE 1076	/vinfo/us/threat-encyclopedia/network/ddi-rule-1076
DDI RULE 1257	APT - CRIDEX - HTTP (Request) - Variant 3	HIGH		2018/08/06	DDI RULE 1257	/vinfo/us/threat-encyclopedia/network/ddi-rule-1257
DDI RULE 1300	APT - FARFLI - HTTP (Request)	HIGH		2018/08/06	DDI RULE 1300	/vinfo/us/threat-encyclopedia/network/ddi-rule-1300
DDI RULE 1306	SMB or SMB2 PE file Upload to non-administrative share folder detected	MEDIUM		2018/08/06	DDI RULE 1306	/vinfo/us/threat-encyclopedia/network/ddi-rule-1306
DDI RULE 1307	SMB or SMB2 PE file Upload detected	MEDIUM		2018/08/06	DDI RULE 1307	/vinfo/us/threat-encyclopedia/network/ddi-rule-1307
DDI RULE 1303	APT - Possible BLYPT - HTTP (Request)	MEDIUM		2018/08/06	DDI RULE 1303	/vinfo/us/threat-encyclopedia/network/ddi-rule-1303
DDI RULE 1310	SMB CreateService request detected	LOW		2018/08/06	DDI RULE 1310	/vinfo/us/threat-encyclopedia/network/ddi-rule-1310
DDI RULE 1311	SMB DeleteService request detected	LOW		2018/08/06	DDI RULE 1311	/vinfo/us/threat-encyclopedia/network/ddi-rule-1311
DDI RULE 1318	File Download From known CNC Server detected	MEDIUM		2018/08/06	DDI RULE 1318	/vinfo/us/threat-encyclopedia/network/ddi-rule-1318
DDI RULE 2709	CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response)	HIGH		2018/07/30	DDI RULE 2709	/vinfo/us/threat-encyclopedia/network/ddi-rule-2709
DDI RULE 2704	Web Security Testing Tool - HTTP (Request) - Variant 2	HIGH		2018/07/26	DDI RULE 2704	/vinfo/us/threat-encyclopedia/network/ddi-rule-2704
DDI RULE 2705	Android Debug Bridge Remote Code Execution - TCP (Request)	HIGH		2018/07/26	DDI RULE 2705	/vinfo/us/threat-encyclopedia/network/ddi-rule-2705
DDI RULE 2706	OSTAP - HTTP (Request)	HIGH		2018/07/26	DDI RULE 2706	/vinfo/us/threat-encyclopedia/network/ddi-rule-2706