TWiki's Main web

TWiki's Main web http://doc.emergingthreats.net/bin/view/Main The web for users, groups and offices. TWiki is an Enterprise Collaboration Platform. en-us Copyright 2012 Emerging Threats and Contributing Authors Emerging Admin [twiki@emergingthreats.net] The contributing authors of TWiki TWiki Powered by TWiki.Main http://doc.emergingthreats.net/bin/view/Main http://doc.emergingthreats.net/pub/TWiki/TWikiLogos/T-logo-140x40-t.gif 2014217 http://doc.emergingthreats.net/bin/view/Main/2014217 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET TROJAN Delf/Troxen/Zema controller delivering clickfraud instructions"; flow:established,to client; file ... (last changed by TWikiGuest) 2012-02-07T03:00:20Z guest 2014212 http://doc.emergingthreats.net/bin/view/Main/2014212 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater POST checkin to CnC"; flow:established,to server; content:"/microsoft/errorpost/default ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014214 http://doc.emergingthreats.net/bin/view/Main/2014214 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater post auth checkin"; flow:established,to server; content:"/search6"; http uri; fast pattern ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014216 http://doc.emergingthreats.net/bin/view/Main/2014216 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET TROJAN Delf/Troxen/Zema controller responding to client"; flow:established,to client; file data; content ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014209 http://doc.emergingthreats.net/bin/view/Main/2014209 alert tcp $EXTERNAL NET 443 $HOME NET any (msg:"ET TROJAN Sykipot SSL Certificate serial number detected"; flow:established,to client; content:" 16 "; content: ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014213 http://doc.emergingthreats.net/bin/view/Main/2014213 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater Connectivity Check to Google"; flow:established,to server; content:"/search?qu "; http ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014215 http://doc.emergingthreats.net/bin/view/Main/2014215 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MOBILE MALWARE Android/Plankton.P Commands Request to CnC Server"; flow:established,to server; content ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014211 http://doc.emergingthreats.net/bin/view/Main/2014211 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater alt checkin to CnC"; flow:established,to server; content:"/microsoft/errorpost/default ... (last changed by TWikiGuest) 2012-02-07T03:00:19Z guest 2014204 http://doc.emergingthreats.net/bin/view/Main/2014204 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CutePack Exploit Kit JavaScript Variable Detected"; flow:established,to client; content ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014207 http://doc.emergingthreats.net/bin/view/Main/2014207 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Likely MS12 004 midiOutPlayNextPolyEvent Heap Overflow Midi Filename Requested baby.mid ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014203 http://doc.emergingthreats.net/bin/view/Main/2014203 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS CUTE IE.html CutePack Exploit Kit Landing Page Request"; flow:established,to server; content ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014206 http://doc.emergingthreats.net/bin/view/Main/2014206 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CutePack Exploit Kit Landing Page Detected"; flow:established,to client; content:"button ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014205 http://doc.emergingthreats.net/bin/view/Main/2014205 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CUTE IE.html CutePack Exploit Kit Iframe for Landing Page Detected"; flow:established ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014208 http://doc.emergingthreats.net/bin/view/Main/2014208 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN TLD4 Purple Haze Variant Initial CnC Request for Ad Servers"; flow:established,to server; content ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014202 http://doc.emergingthreats.net/bin/view/Main/2014202 alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY File Being Uploaded to SendSpace File Hosting Site"; flow:established,to server; content:"POST ... (last changed by TWikiGuest) 2012-02-07T03:00:18Z guest 2014194 http://doc.emergingthreats.net/bin/view/Main/2014194 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS Blackhole Exploit Kit JavaScript colon string splitting"; flow:established,from server ... (last changed by TWikiGuest) 2012-02-07T03:00:17Z guest