#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, former_category EXPLOIT_KIT, updated_at 2021_06_23;)

Added 2021-06-23 19:31:45 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, former_category EXPLOIT_KIT, updated_at 2020_05_08;)

Added 2020-08-05 19:07:45 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; metadata: former_category EXPLOIT_KIT; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, updated_at 2020_05_08;)

Added 2020-05-08 17:41:13 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; metadata: former_category EXPLOIT_KIT; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, updated_at 2011_11_10;)

Added 2019-09-26 19:57:00 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, updated_at 2011_11_10;)

Added 2018-09-13 19:43:50 UTC


Added 2018-09-13 17:55:59 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3; metadata:created_at 2011_11_10, updated_at 2011_11_10;)

Added 2017-08-07 21:07:11 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:3;)

Added 2014-09-15 18:30:48 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS google.com.br DNS Poisoning redirecting to exploit kit 4"; flow:established,to_server; content:"/YouTube_Setup.exe"; http_uri; reference:url,www.zdnet.com/blog/security/massive-dns-poisoning-attack-in-brazil-serving-exploits-and-malware/9780; reference:url,www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil; classtype:bad-unknown; sid:2013898; rev:1;)

Added 2011-11-10 19:48:47 UTC



This topic: Main > 2013898
Topic revision: r1 - 2021-06-23 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats