alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/; classtype:policy-violation; sid:2019914; rev:3; metadata:created_at 2014_12_10, updated_at 2019_10_07;)

Added 2019-10-08 19:34:16 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern:only; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/; classtype:policy-violation; sid:2019914; rev:2; metadata:created_at 2014_12_10, updated_at 2014_12_10;)

Added 2018-09-13 19:50:03 UTC


Added 2018-09-13 17:59:25 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern:only; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/; classtype:policy-violation; sid:2019914; rev:2; metadata:created_at 2014_12_10, updated_at 2014_12_10;)

Added 2017-08-07 21:14:16 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern:only; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/; classtype:policy-violation; sid:2019914; rev:2;)

Added 2014-12-11 14:39:45 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern:only; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,bluecoat.com/security-blog/2014-12-09/blue-coat-exposes-%22-inception-framework%22-very-sophisticated-layered-malware; classtype:policy-violation; sid:2019914; rev:2;)

Added 2014-12-11 11:34:41 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY HTTP Request to WebDAV? CloudMe? Service"; flow:established,to_server; content:"webdav.cloudme.com"; http_header; fast_pattern:only; pcre:"/^Host\x3a[^\r\n]+?webdav\.cloudme\.com[^\r\n]*?\r?$/Hmi"; reference:url,bluecoat.com/security-blog/2014-12-09/blue-coat-exposes-%22-inception-framework%22-very-sophisticated-layered-malware; classtype:policy-violation; sid:2019914; rev:2;)

Added 2014-12-10 21:25:29 UTC



This topic: Main > 2019914
Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats