IPS Signature Database Update
Name | ips.sig
Version | 2.1.583
StoneOS | StoneOS 5.0R4F3.1 or above
Release Date | 2024-11-18
New Signature (69)
Rule ID | Rule Name | StoneOS | Detail
338543 | Mingyuanyun ERP GetErpConfig.aspx Information Leakage Vulnerability | 5.0R4 or above | click for more information
105379 | Ransomware Activity: TeslaCrypt/AlphaCrypt Payment DNS Lookup | 5.5R5 or above | click for more information
105561 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
105356 | Ransomware Activity: TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (iq3ahijcfeont3xx) | 5.5R5 or above | click for more information
338528 | Ivanti Cloud Services Appliance Path Traversal Vulnerability (CVE-2024-8963) | 5.0R4 or above | click for more information
105552 | Ransomware Activity: ABUSE.CH TorrentLocker Payment Domain (2ymh2gnnbg6pgq2r) | 5.5R5 or above | click for more information
332573 | Trojan Activity: Generic XBALTI Phishing Landing | 5.5R5 or above | click for more information
105550 | Trojan Activity: Magecart CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information
338539 | WordPress GRUN Costino Spendenformular Plugin Privilege Promotion Vulnerability (CVE-2024-50476) | 5.5R5 or above | click for more information
105572 | Trojan Activity: LYCEUM CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information
105362 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
105354 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
332754 | Ransomware Activity: Cerber Blockchain Query 2 | 5.5R5 or above | click for more information
105564 | Trojan Activity: FIN8 ShellTea CnC in DNS Query | 5.5R5 or above | click for more information
105546 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
338535 | Yonyou U8-Cloud approveservlet SQL Injection Vulnerability | 5.5R5 or above | click for more information
105568 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information
338545 | ZHENYUN SRM SpEL Expression Injection Vulnerability | 5.0R4 or above | click for more information
105374 | Trojan Activity: FatDuke Domain Observed | 5.5R5 or above | click for more information
332571 | Ransomware Activity: Quant Loader Download Response | 5.5R5 or above | click for more information
......
Updated Signature (4)
Rule ID | Rule Name | StoneOS | Detail
337095 | NagiosXI menuaccess.php SQL Injection Vulnerability (CVE-2018-10738) | 5.0R4 or above | Click here for more information
332471 | SAP NetWeaver AS Directory Traversal Vulnerability (CVE-2020-6286) | 5.0R4 or above | Click here for more information
338502 | Cyberpanel upgrademysqlstatus Remote Code Execution Vulnerability (CVE-2024-51567) | 5.0R4 or above | Click here for more information
338501 | Cyberpanel getresetstatus Remote Code Execution Vulnerability (CVE-2024-51378) | 5.5R5 or above | Click here for more information