IPS Signature Database Update

Name: ips.sig
Version: 2.1.593
StoneOS: StoneOS 5.0R4F3.1 or above
Release Date: 2025-02-10

New Signature (114)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 105464 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 338656 | Fastjson 1.2.83 Remote Code Execution Vulnerability (CVE-2022-25845) | 5.0R4 or above |
| 105453 | Trojan Activity: Group 21 CnC Domain Observed in DNS Query | 5.5R5 or above |
| 105424 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above |
| 105418 | Ransomware Activity: TrumpLocker/VenusLocker .onion Proxy Domain | 5.5R5 or above |
| 332657 | Trojan Activity: Observed Godlua Backdoor Domain | 5.5R5 or above |
| 332612 | Ransomware Activity: Ransomware Locky CnC Beacon | 5.5R5 or above |
| 105396 | Ransomware Activity: Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju) | 5.5R5 or above |
| 332633 | Trojan Activity: MALWARE Win32/Adware.Bang5mai.BB CnC Activity M2 | 5.5R5 or above |
| 105462 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 105401 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 338666 | Zabbix Authentication Bypass Vulnerability (CVE-2019-17382) | 5.0R4 or above |
| 105390 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above |
| 105448 | Trojan Activity: Plurox CnC Domain in DNS Lookup | 5.5R5 or above |
| 105427 | Trojan Activity: Magecart CnC Domain Observed in DNS Query | 5.5R5 or above |
| 332605 | Trojan Activity: StealerNeko CnC Checkin | 5.5R5 or above |
| 105408 | Ransomware Activity: Xbash CnC DNS Lookup | 5.5R5 or above |
| 332622 | Trojan Activity: Win32/ViSystem CnC Checkin | 5.5R5 or above |
| 805934 | Trojan Activity: ELF/Roboto - Communicating with Hardcoded Peer 5 | 5.5R5 or above |
| 332611 | Ransomware Activity: PWS.Win32/Reveton.A Checkin | 5.5R5 or above |

......

Updated Signature (9)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 333612 | Tongda OA v11.9 SQL Injection Vulnerability | 5.5R5 or above |
| 336534 | Western Digital My Cloud Pro Series PR2100 Remote Code Execution Vulnerability | 5.5R5 or above |
| 332982 | Nagios XI Alert Cloud Cross-Site Scripting Vulnerability | 5.0R4 or above |
| 337773 | Zfsoft CreateCaFile Remote Code Execution Vulnerability | 5.0R4 or above |
| 338571 | Ivanti Avalanche SmartDeviceServer XXE Vulnerability (CVE-2024-38653) | 5.0R4 or above |
| 338450 | Yonyou U8 leadconversion.php SQL Injection Vulnerability | 5.5R8 or above |
| 337289 | PHP Temporary Files Inclusion Vulnerability | 5.5R5 or above |
| 338640 | Mlflow Arbitrary File Read Vulnerability (CVE-2024-8859) | 5.0R4 or above |
| 338533 | Lunary 1.4.2 SQL Injection Vulnerability (CVE-2024-7456) | 5.5R5 or above |