IPS Signature Database Update
| Name | ips.sig |
| Version | 2.1.592 |
| StoneOS | StoneOS 5.0R4F3.1 or above |
| Release Date | 2025-01-20 |
| New Signature (131) |
| Rule ID | Rule Name | StoneOS | Detail |
| 105379 | Ransomware Activity: TeslaCrypt/AlphaCrypt Payment DNS Lookup | 5.5R5 or above | click for more information |
| 105561 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 714758 | Trojan Activity: ATTACK_RESPONSE LaZagne Artifact Outbound in FTP | 5.5R5 or above | click for more information |
| 105550 | Trojan Activity: Magecart CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information |
| 338653 | KESION EDU CheckOrder API SQL Injection Vulnerability | 5.0R4 or above | click for more information |
| 105374 | Trojan Activity: FatDuke Domain Observed | 5.5R5 or above | click for more information |
| 332571 | Ransomware Activity: Quant Loader Download Response | 5.5R5 or above | click for more information |
| 105506 | Ransomware Activity: ABUSE.CH Locky C2 Domain | 5.5R5 or above | click for more information |
| 105559 | Trojan Activity: W32.Razy Inject Domain in DNS Lookup | 5.5R5 or above | click for more information |
| 332736 | Trojan Activity: Observed Magecart CnC Domain in TLS SNI | 5.0R4 or above | click for more information |
| 105540 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 105545 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 105501 | Ransomware Activity: Possible WannaCry DNS Lookup 3 | 5.5R5 or above | click for more information |
| 338648 | SecFox authService API FastJson Deserialization Vulnerability | 5.0R4 or above | click for more information |
| 105528 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 332729 | Trojan Activity: Malicious SSL Cert (Magecart) | 5.5R5 or above | click for more information |
| 105369 | Trojan Activity: PolyglotDuke Domain Observed | 5.5R5 or above | click for more information |
| 105554 | Trojan Activity: MOBILE_MALWARE Trojan-Banker.AndroidOS.Anubis.d | 5.5R5 or above | click for more information |
| 105543 | Trojan Activity: PS/PowerRatankba CnC DNS Lookup | 5.5R5 or above | click for more information |
| 105496 | Ransomware Activity: ABUSE.CH Ransomware Domain Detected (Locky Payment) | 5.5R5 or above | click for more information |
| ...... |
| Updated Signature (2) |
| Rule ID | Rule Name | StoneOS | Detail |
| 1005157 | ICMP Tunnel Detection - icmptunnel | 5.5R5 or above | Click here for more information |
| 338453 | Topsec TopSAG synRequest Remote Command Execution Vulnerability | 5.5R8 or above | Click here for more information |