IPS Signature Database Update
| Name | ips.sig | |||
| Version | 2.1.599 | |||
| StoneOS | StoneOS 5.0R4F3.1 or above | |||
| Release Date | 2025-03-24 | |||
| New Signature (106) |
Rule ID | Rule Name | StonesOS | Detail |
| 714758 | Trojan Activity: ATTACK_RESPONSE LaZagne Artifact Outbound in FTP | 5.5R5 or above | click for more information | |
| 338750 | Kibana 7.6.2 upgrade-assistant-telemetry Code Injection Vulnerability (CVE-2020-7012) | 5.0R4 or above | click for more information | |
| 105490 | Ransomware Activity: Win32/Teslacrypt Ransomware .onion domain | 5.5R5 or above | click for more information | |
| 105506 | Ransomware Activity: ABUSE.CH Locky C2 Domain | 5.5R5 or above | click for more information | |
| 332674 | Trojan Activity: Possible Darkhotel Higasia Downloader Checkin | 5.0R4 or above | click for more information | |
| 332736 | Trojan Activity: Observed Magecart CnC Domain in TLS SNI | 5.0R4 or above | click for more information | |
| 714744 | Trojan Activity: PowerShell Base64 Encoded Content Command Common In Powershell Stagers M2 | 5.5R5 or above | click for more information | |
| 338749 | Kibana 7.6.2 upgrade-assistant-telemetry Code Injection Vulnerability (CVE-2020-7012) | 5.0R4 or above | click for more information | |
| 105501 | Ransomware Activity: Possible WannaCry DNS Lookup 3 | 5.5R5 or above | click for more information | |
| 1908981 | Ransomware Activity: Locky Ransomware Writing Instructions via SMB | 5.5R5 or above | click for more information | |
| 105474 | Ransomware Activity: Generic DNS Query for Suspicious CryptoWall (crpt) Domains | 5.5R5 or above | click for more information | |
| 105528 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information | |
| 332729 | Trojan Activity: Malicious SSL Cert (Magecart) | 5.5R5 or above | click for more information | |
| 332673 | Trojan Activity: PowerShell NonInteractive Command Common In Powershell Stagers | 5.5R5 or above | click for more information | |
| 332690 | Trojan Activity: Observed Malicious SSL Cert (Sidewinder APT CnC) | 5.5R5 or above | click for more information | |
| 338744 | WordPress Plugin WooCommerce Local File Inclusion Vulnerability (CVE-2025-1661) | 5.5R5 or above | click for more information | |
| 105496 | Ransomware Activity: ABUSE.CH Ransomware Domain Detected (Locky Payment) | 5.5R5 or above | click for more information | |
| 105526 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information | |
| 105485 | Ransomware Activity: CryptoLocker .onion Proxy Domain (6i3cb6owitcouepv) | 5.5R5 or above | click for more information | |
| 105531 | Ransomware Activity: Iron Ransomware Domain | 5.5R5 or above | click for more information | |
| ...... | ||||
| Updated Signature (0) |
Rule ID | Rule Name | StonesOS | Detail |
| No update. | ||||