IPS Signature Database Update
| Name | ips.sig | ||
| Version | 2.1.394 | ||
| StoneOS | StoneOS 5.0R4F3.1 or above | ||
| Release Date | 2021-03-15 | ||
| New Signature (139) |
Rule ID | Rule Name | Detail |
| 332527 | Shellcode: Double BackSlash Hex Obfuscated JavaScript Heap Spray 0d0d0d0d | click for more information | |
| 714639 | GPL SHELLCODE sparc NOOP | click for more information | |
| 332512 | Possible Unescape Encoded Content With Split String Obfuscation Shellcode | click for more information | |
| 332651 | Mining Activity: Adylkuzz CnC Beacon 4 | click for more information | |
| 332713 | Exploit-Kit Activity: W32/Caphaw DriveBy Campaign Statistic.js | click for more information | |
| 332668 | Exploit-Kit Activity: Possible MagnitudeApr | click for more information | |
| 332730 | Exploit-Kit Activity: Generic CollectGarbage in Hex | click for more information | |
| 805924 | GPL SHELLCODE sparc NOOP | click for more information | |
| 714612 | Shellcode: Possible 0x0d0d0d0d Heap Spray Attempt | click for more information | |
| 714735 | Mining Activity: W32/BitCoinMiner.MultiThreat Getblocktemplate Protocol Server Connection | click for more information | |
| 332736 | Trojan Activity: Observed Magecart CnC Domain in TLS SNI | click for more information | |
| 332522 | Shellcode: Hex Obfuscated JavaScript Heap Spray 0d0d0d0d | click for more information | |
| 714642 | GPL Linux shellcode | click for more information | |
| 332757 | Exploit-Kit Activity: DRIVEBY Redirection - Injection - Modified Edwards Packer Script | click for more information | |
| 332584 | Worm Activity: Win32/Esfury.T Checkin | click for more information | |
| 332768 | Mining Activity: Bitcoin Mining Server Stratum Protocol HTTP Header | click for more information | |
| 805917 | GPL SHELLCODE x86 0x71FB7BAB NOOP | click for more information | |
| 332646 | Worm Activity: Worm.Win32/Esfury.X Checkin | click for more information | |
| 332528 | Shellcode: Double BackSlash Hex Obfuscated JavaScript NOP SLED | click for more information | |
| 332684 | Exploit-Kit Activity: DRIVEBY GENERIC ShellExecute in URLENCODE | click for more information | |
| ...... | |||
| Updated Signature (3) |
Rule ID | Rule Name | Detail |
| 705502 | RealNetworks RealPlayer URL Parsing Stack Buffer Overflow (CVE-2012-5691) | Click here for more information | |
| 307078 | RealNetworks RealPlayer URL Parsing Stack Buffer Overflow (CVE-2012-5691) | Click here for more information | |
| 714185 | Microsoft Windows Remote Desktop Services DVC Decompression Heap Buffer Overflow Vulnerability (CVE-2019-1181) | Click here for more information | |