50 Recent Changes in Main Web retrieved at 17:06 (GMT)

My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert tcp any any $HOME NET 445 (msg:`ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (NT Create AndX .so) (CVE 2017 7494)`; flow:to server,established ...
alert tcp any any $HOME NET 445 (msg:`ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (.so file write to share) (CVE 2017 7494)`; flow:to server,established ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN APT32 Komprogo DNS Lookup`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 06 mobile 0a ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN APT32 Komprogo DNS Lookup`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 04 news 0a lightpress ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN APT32 Komprogo DNS Lookup`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 04 blog 08 docksugs ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN APT32 Komprogo DNS Lookup`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 03 syn 07 timeizu ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN APT32 Komprogo DNS Lookup`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 05 check 0b ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET CURRENT EVENTS Successful Banco do Brasil Phish May 25 2017`; flow:to server,established; content:`POST`; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET CURRENT EVENTS Successful Banco do Brasil Phish Mar 30 2017`; flow:to server,established; content:`POST`; http ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Samsung Galaxy Knox Android Browser RCE smdm attempt`; flow:to client,established; file data; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE User Agent (???)`; flow:established,to server; content:` 0d 0a User Agent 3a ???`; http header; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET CURRENT EVENTS Successful Scotiabank Phish M2 May 24 2017`; flow:to server,established; content:`POST`; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET CURRENT EVENTS Successful Scotiabank Phish M1 May 24 2017`; flow:to server,established; content:`POST`; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN MalDoc Retrieving Payload May 23 2017 2`; flow:established,to server; content:`GET`; http method; content ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Spora Ransomware DNS Query`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 05 spora 02 ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN UIWIX Ransomware .onion Payment Domain (4ujngbdqqm6t2c53)`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 5`; flow:established,to server; content:`iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 4`; flow:established,to server; content:`iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 3`; flow:established,to server; content:`ayylmaotjhsstasdfasdfasdfasdfasdfasdfasdf ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 2`; flow:established,to server; content:`iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1`; flow:established,to server; content:`iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Possible WannaCry DNS Lookup 5`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 29 iuqerfsodp9ifjaposdfjhgosurijfaewrwergweb ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Possible WannaCry DNS Lookup 4`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 29 iuqssfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Possible WannaCry DNS Lookup 3`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 29 ayylmaotjhsstasdfasdfasdfasdfasdfasdfasdf ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Possible WannaCry DNS Lookup 2`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 29 ifferfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN Possible WannaCry DNS Lookup 1`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content:` 29 iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea ...
alert smtp $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Agent Tesla Keylogger Report SMTP`; flow:established,to server; content:`From 3a `; nocase; content: ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/ASPC Bot CnC Checkin M1`; flow:established,to server; content:`GET`; http method; content:`.php ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/ASPC Bot CnC Checkin M2`; flow:established,to server; content:`POST`; http method; content:`.php ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN MSIL/EasyLocker Ransomware CnC Activity`; flow:established,to server; content:`GET`; http method; content ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Suspicious Mozilla User Agent Likely Fake (Mozilla/4.0)`; flow:to server,established; content:`User ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M2`; flow:established,to server; content:`POST`; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Request for C2 Commands Detected M2`; flow:established,to server; content:`POST`; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M2`; flow:established,to server; content: ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Screenshot Exfiltration Detected`; flow:established,to server; content:`POST`; http method; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M1`; flow:established,to server; content:`POST`; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot File Exfiltration Detected`; flow:established,to server; content:`POST`; http method; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Request for C2 Commands Detected M1`; flow:established,to server; content:`POST`; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M1`; flow:established,to server; content: ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Loki Bot Cryptocurrency Wallet Exfiltration Detected`; flow:established,to server; content:`POST`; http ...
alert tcp any any $HOME NET 1556 (msg:`ET EXPLOIT NB8 04 Possible Unauthed RCE via whitelist bypass`; flow:established,to server; content:`ack `; depth:4; content ...
alert tcp any any $HOME NET 1556 (msg:`ET EXPLOIT NB8 02 Possible Unauthed RCE via nbbsdtar`; flow:established,to server; content:`ack `; depth:4; content:`extension ...
alert tcp any any $HOME NET 1556 (msg:`ET EXPLOIT NB8 01 Unauthed RCE via bprd`; flow:established,to server; content:`ack `; depth:4; content:`extension bprd ...
Number of topics: 50

Show recent changes with 50, 100, 200, 500, 1000 topics, all changes

Related topics: RSS feed, rounded corners RSS feed, ATOM feed, WebNotify, site changes, site map

Topic revision: r4 - 2006-11-15 - TWikiContributor
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats