Intrusion Detection Events (IDS)

Follow New articles New articles and comments

• How to Query the Additional Event Information Fields in Events
• ET CURRENT_EVENTS SUSPICIOUS Firesale gTLD IE Flash request to set non-standard filename (some overlap with 2021752)
• ETPRO MOBILE_MALWARE Android/SLocker.AC Checkin
• ETPRO CURRENT_EVENTS Possible Job314/Neutrino Reboot EK Flash Exploit Jan 07 2015 M2
• ETPRO TROJAN Likely Malicious SWF Beacon Requesting Exploit
• ETPRO EXPLOIT Adobe Acrobat Reader ACE.dll ICC mluc Integer Overflow
• ET TROJAN HTTP GET Request on port 53 - Very Likely Hostile
• ET CNC Ransomware Tracker Reported CnC Server group 82
• ET DNS Non-DNS or Non-Compliant DNS traffic on DNS port Opcode 6 or 7 set
• ET TROJAN Turkojan C&C nxt Command (nxt)
• ETPRO DOS IBM DB2 Database Server Invalid Data Stream Denial of Service (Published Exploit)
• ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious
• ETPRO MALWARE User-Agent (MRSPUTNIK)
• ETPRO TROJAN Possible Tinba DGA NXDOMAIN Responses (com)
• ET MALWARE Alexa Search Toolbar User-Agent 2 (Alexa Toolbar)
• ET TROJAN MWI Maldoc Stats Callout Aug 18
• ET MALWARE Zango Seekmo Bar Spyware User-Agent (Seekmo Toolbar)
• ET MALWARE SpamBlockerUtility Fake Anti-Spyware User-Agent (SpamBlockerUtility x.x.x)
• ETPRO MALWARE Trojan.Llac.Win32 PUP Activity
• ET MALWARE Suspicious User Agent (Autoupdate)
• ET MALWARE Fun Web Products Spyware User-Agent (FunWebProducts)
• ET TROJAN DNS Reply for unallocated address space - Potentially Malicious 1.1.1.0/24
• ETPRO TROJAN Obfuscated Phishing Landing Feb 25