IPS Signature Database Update
Name | ips.sig
Version | 2.1.577
StoneOS | StoneOS 5.0R4F3.1 or above
Release Date | 2024-10-08
New Signature (25)
Rule ID | Rule Name | StoneOS | Detail
105379 | Ransomware Activity: TeslaCrypt/AlphaCrypt Payment DNS Lookup | 5.5R5 or above | click for more information
105356 | Ransomware Activity: TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (iq3ahijcfeont3xx) | 5.5R5 or above | click for more information
105362 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
714716 | Trojan Activity: Win32/ArtraDownloader Checkin | 5.5R5 or above | click for more information
105374 | Trojan Activity: FatDuke Domain Observed | 5.5R5 or above | click for more information
332571 | Ransomware Activity: Quant Loader Download Response | 5.5R5 or above | click for more information
105378 | Ransomware Activity: Win32/Teslacrypt Ransomware .onion domain (7tno4hib47vlep5o) | 5.5R5 or above | click for more information
338445 | ASIS 3.2.0 SQL Injection Vulnerability (CVE-2024-45622) | 5.5R5 or above | click for more information
105359 | Trojan Activity: Glupteba CnC Domain in DNS Lookup | 5.5R5 or above | click for more information
338441 | NginxWebUI 3.5.0 Remote Command Execution Vulnerability | 5.5R5 or above | click for more information
105355 | Ransomware Activity: Cerber Domain Observed | 5.5R5 or above | click for more information
105377 | Ransomware Activity: ABUSE.CH Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above | click for more information
338444 | SuperWebMailer 9.00.0.01710 Cross Site Scripting Vulnerability (CVE-2023-38192) | 5.0R4 or above | click for more information
105369 | Trojan Activity: PolyglotDuke Domain Observed | 5.5R5 or above | click for more information
105360 | Trojan Activity: Glupteba CnC Domain in DNS Lookup | 5.5R5 or above | click for more information
105380 | Ransomware Activity: Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5) | 5.5R5 or above | click for more information
105372 | Trojan Activity: MiniDuke Domain Observed | 5.5R5 or above | click for more information
332573 | Trojan Activity: Generic XBALTI Phishing Landing | 5.5R5 or above | click for more information
105354 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
105376 | Trojan Activity: FatDuke Domain Observed | 5.5R5 or above | click for more information
......
Updated Signature (1)
Rule ID | Rule Name | StoneOS | Detail
338294 | Raisecom Multiple Gateway Products list_base_config.php Remote Command Execution Vulnerability (CVE-2024-7120) | 5.5R5 or above | Click here for more information