50 Recent Changes in Main Web retrieved at 16:34 (GMT)

My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert smb $HOME NET any $HOME NET any (msg:`ET TROJAN Shamoon v3 64bit Propagating Internally via SMB`; flow:to server,established; content:` 00 00 00 00 00 00 ...
alert smb $HOME NET any $HOME NET any (msg:`ET TROJAN Shamoon v3 32bit Propagating Internally via SMB`; flow:to server,established; content:` 00 00 00 00 00 00 ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB SERVER ThinkPHP RCE Exploitation Attempt`; flow:established,to server; content:`GET`; http method; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Shamoon V3 CnC Checkin`; flow:established,to server; content:`GET`; http method; content:`?selection ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Donot (APT C 35) Stage 1 Requesting Main Payload`; flow:established,to server; content:`GET`; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Donot (APT C 35) Stage 1 Requesting Persistence Setup File`; flow:established,to server; content:`GET ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN ELF/Win32 Lucky Ransomware Reporting Successful File Encryption`; flow:established,to server; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN ELF/Win32 Lucky Ransomware Encryption Process Started`; flow:established,to server; content:`GET`; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN ELF/Win32 Lucky Ransomware CnC Checkin`; flow:established,to server; content:`GET`; http method; content ...
alert tcp $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN RedControle Communicating with CnC `; flow:established,to server; content:`SE ND CO NN EC 23 `; depth ...
alert tcp $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN RedControle Probing Infected System`; flow:established,to server; dsize:14; content:`SE ND CO NN EC`; ...
alert tls $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Observed MongoLock Variant CnC Domain (s .rapid7 .xyz in TLS SNI)`; flow:established,to server; tls sni ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/DanaBot Harvesting Email Addresses 1`; flow:established,to server; content:`GET`; http method; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/DanaBot Harvesting Email Addresses 2`; flow:established,to server; content:`GET`; http method; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN IcedID WebSocket Request`; flow:established,to server; content:`GET`; http method; content:`/data2.php ...
alert http $EXTERNAL NET any $HTTP SERVERS any (msg:`ET WEB SERVER HP Intelligent Management Java Deserialization RCE Attempt`; flow:established,to server; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET POLICY External IP Lookup Domain (ifconfig .me)`; flow:established,to server; content:`GET`; http method; content ...
alert tcp $HOME NET any $EXTERNAL NET 27 (msg:`ET TROJAN ELF/Samba CnC Checkin`; flow:established,to server; dsize:8; content:` 11 10 10 01 22 32 21 52 `; fast ...
alert tcp $EXTERNAL NET 443 $HOME NET any (msg:`ET POLICY Logmein.com/Join.me SSL Remote Control Access`; flow:established,from server; content:` 16 03 `; depth ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN APT33/CharmingKitten Encrypted Payload Inbound`; flow:established,from server; content:`200`; http stat ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`document.cdn one.biz`; distance:0; nocase ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`fundsxe.com`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`transef.biz`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`alotile.biz`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`freecloud.biz`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`usasecurefiles.com`; distance:0; nocase; fast ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`contents.bz`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`cloudpallets32.com`; distance:0; nocase; fast ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`api.miria.kz`; distance:0; nocase; fast pattern ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`api.asus.org.kz`; distance:0; nocase; fast ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`api.fujitsu.org.kz`; distance:0; nocase; fast ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`api.toshiba.org.kz`; distance:0; nocase; fast ...
alert dns $HOME NET any any any (msg:`ET TROJAN Cobalt Group/More Eggs CnC Domain in DNS Lookup`; dns query; content:`outlooklive.org.kz`; distance:0; nocase; fast ...
alert tls $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN Observed Malicious SSL Cert (Cobalt Group/More Eggs CnC)`; flow:from server,established; tls cert subject ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN APT33/CharmingKitten Retrieving New Payload (flowbit set)`; flow:established,to server; content:`GET ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`zwfaxi.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`world paper.net`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`tempdomain8899.com`; nocase; fast pattern; isdataat ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`sharedriver.us`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`sharedriver.pw`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`secozco.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`scaurri.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`pqexport.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`grsvps.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`docsdriver.com`; nocase; fast pattern; isdataat:1,relative ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`client screenfonts.com`; nocase; fast pattern; isdataat ...
alert dns $HOME NET any any any (msg:`ET TROJAN STOLENPENCIL CnC Domain in DNS Lookup`; dns query; content:`client message.com`; nocase; fast pattern; isdataat ...
Number of topics: 50

Show recent changes with 50, 100, 200, 500, 1000 topics, all changes

Related topics: RSS feed, rounded corners RSS feed, ATOM feed, WebNotify, site changes, site map

Topic revision: r4 - 2006-11-15 - TWikiContributor
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats