IPS Signature Database Update

Name: ips.sig
Version: 2.1.585
StoneOS: StoneOS 5.0R4F3.1 or above
Release Date: 2024-12-02

New Signature (80)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 105538 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above |
| 105525 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 105507 | Ransomware Activity: ABUSE.CH Locky C2 Domain | 5.5R5 or above |
| 332748 | Ransomware Activity: Observed TrumpHead Ransomware CnC Domain | 5.5R5 or above |
| 338563 | Spring Boot common-user-management Arbitrary File Upload Vulnerability (CVE-2024-52302) | 5.5R8 or above |
| 105530 | Trojan Activity: Turla DNS Lookup | 5.5R5 or above |
| 332727 | Trojan Activity: BottleEK Plugin Check JS | 5.5R5 or above |
| 338570 | Angular-Base64-Upload Arbitrary File Upload Vulnerability (CVE-2024-46240) | 5.0R4 or above |
| 332737 | Trojan Activity: Malicious SSL Cert (Magecart) | 5.5R5 or above |
| 105521 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 714769 | Ransomware Activity: Win32.Cerberus RAT Checkin Response | 5.0R4 or above |
| 105519 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 332744 | Ransomware Activity: Aurora/OneKeyLocker Ransomware CnC Checkin | 5.5R5 or above |
| 105541 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 105510 | Trojan Activity: ServHelper CnC Domain | 5.5R5 or above |
| 332723 | Trojan Activity: Generic Email Account Phish | 5.5R5 or above |
| 338566 | PHP Laravel Framework Remote Command Execution Vulnerability (CVE-2018-15133) | 5.5R4 or above |
| 105494 | Ransomware Activity: ABUSE.CH Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above |
| 105515 | Trojan Activity: ServHelper CnC Domain | 5.5R5 or above |
| 332740 | Trojan Activity: CrownAdPro CnC Activity M1 | 5.5R5 or above |

......

Updated Signature (13)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 333641 | Apache Airflow Example Dag Remote Code Execution Vulnerability (CVE-2020-11978) | 5.5R5 or above |
| 323894 | PHP Laravel Framework 5.5.21 Information Leakage Vulnerability (CVE-2017-16894) | 5.0R4 or above |
| 338198 | Sensitive File /windows/win.ini Access Detection | 5.0R4 or above |
| 335338 | jQuery Arbitrary File Upload Vulnerability (CVE-2018-9207) | 5.0R4 or above |
| 323713 | phpMyAdmin Authenticated Remote Code Execution Vulnerability (CVE-2016-5734) | 5.5R5 or above |
| 337588 | Openfire Authentication Bypass Vulnerability (CVE-2023-32315) | 5.0R4 or above |
| 716914 | Apache Solr JMX Service Remote Code Execution Vulnerability -2 (CVE-2019-12409) | 5.0R4 or above |
| 338197 | Sensitive File /windows/win.ini Access Detection | 5.0R4 or above |
| 338504 | Webshell Upload Detection - PHP File | 5.5R5 or above |
| 321554 | Cobub Razor channel_name POST SQL Injection Vulnerability (CVE-2018-8057) | 5.0R4 or above |
| 714789 | Adobe Reader U3D CLODMeshDeclaration 'Shading Count' Field Buffer Overflow Vulnerability (CVE-2010-0196) | 5.5R4 or above |
| 335379 | EmpireCMS 7.5 DoSQL.php Remote Code Execution Vulnerability (CVE-2018-19462) | 5.5R5 or above |
| 333681 | Apache Solr JMX Service Remote Code Execution Vulnerability (CVE-2019-12409) | 5.0R4 or above |