50 Recent Changes in Main Web retrieved at 17:36 (GMT)

My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert tcp $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/Vibem.C CnC Activity`; flow:established,to server; content:` 63 76 c4 52 99 1d 04 80 a9 1b 2d ` ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN XOR Checkin via HTTP`; flow:established,to server; content:`MSIE 6.0 3b 20 Windows NT 5.2 3b 20 SV1 3b ...
alert tls $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex/Trickbot CnC)`; flow:established,from ...
My Links WelcomeGuest starting points on TWiki TWikiUsersGuide complete TWiki documentation, Quick Start to Reference WebHome try out TWiki on ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN MSIL/Karmen Ransomware CnC Activity`; flow:established,to server; content:`GET`; http method; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/Unk.Stealer CnC Activity`; flow:established,to server; content:`POST`; http method; content:`/check ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET CURRENT EVENTS Successful Generic Phish 2018 05 16 (set)`; flow:established,to server; flowbits:set,ET.genericphish ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN InfoBot Sending LAN Details`; flow:established,to server; content:`POST`; http method; content:`.php ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN InfoBot Sending Machine Details`; flow:established,to server; content:`POST`; http method; content:` ...
alert http any any $HOME NET any (msg:`ET EXPLOIT HackingTrio UA (Hello, World)`; flow:established,to server; content:`POST`; http method; content:`Hello, World ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET CURRENT EVENTS TDS Sutra page redirecting to a SutraTDS`; flow:established,to client; file data; content: ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT PDF With Embedded U3D`; flow:established,to client; content:`obj`; content:` Added 2018 05 16 17 ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code`; flow:established ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET USER AGENTS Suspicious User Agent (InfoBot)`; flow:to server,established; content:`InfoBot`; http user agent ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Trojan Spy.Win32.Agent.byhm User Agent (EMSCBVDFRT)`; flow:to server,established; content:`EMSCBVDFRT ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Rogue.Win32/Winwebsec Install`; flow:to server,established; content:`/api/stats/install/?affid `; content ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32.Datamaikon Checkin NewAgent`; flow:to server,established; content:`/index.dat?`; http uri; content ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN DwnLdr JMZ Downloading Binary 2`; flow:established,to server; content:`/?path qx200.exe`; http uri; ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN DwnLdr JMZ Downloading Binary`; flow:established,to server; content:`/ngt.exe`; fast pattern; http uri ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN FakeAV Landing Page Initializing Protection System`; flow:established,from server; content:` Initializing ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN SpyEye Checkin version 1.3.25 or later 3`; flow:established,to server; content:`POST`; http method; ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Cridex.B/Feodo Checkin`; flow:to server,established; content:`POST`; nocase; http method; content:` ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Trojan Spy.Win32.Zbot.djrm Checkin`; flow:to server,established; content:`/index.html?mac `; http uri ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Generic Dropper User Agent (XXXwww)`; flow:established,to server; content:`User Agent 3a XXXwww`; http ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32.Blocker Checkin`; flow:established,to server; content:`/gate.php?cmd `; http uri; content:` botnet ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/Protux.B Download Update`; flow:from client,established; content:`Mozilla/4.2.20 (compatible 3B ...
#alert tcp $HOME NET any $EXTERNAL NET 1024: (msg:`ET TROJAN Backdoor.Win32.Riern.K Checkin Off Port`; flow:established,from client; content:` 01 new host `; depth ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/Kazy Checkin`; flow:established,to server; content:`/guidcheck.php?q `; http uri; content:` g ` ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN InfoStealer Checkin`; flow:established,to server; content:`POST`; nocase; http method; content:`/abc ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Peed Checkin`; flow:established,to server; content:`POST`; nocase; http method; content:`.php`; http ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/LockScreen Scareware Geolocation Request`; flow:established,to server; content:`/loc/gate.php?getpic ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN InfoStealer Checkin`; flow:established,to server; content:`POST`; nocase; http method; content:`/login ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN ABUD Checkin`; flow:established,to server; content:`/imagedump/image.php?size `; http uri; content: ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN NfLog Checkin (TTip)`; flow:to server,established; content:`/NfStart.asp?ClientId `; http uri; nocase ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN W32/Pasta.IK Checkin`; flow:established,to server; content:`/data/index.asp?act `; http uri; content ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Sefnit Checkin 5`; flow:established,to server; content:`?subid `; http uri; content:` u `; distance ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Sefnit Checkin 4`; flow:established,to server; content:`?aid `; http uri; content:` url `; http uri ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN Karagany/Kazy Obfuscated Payload Download`; flow:established,to client; content:`Content Disposition ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN NfLog Checkin`; flow:to server,established; content:`POST`; http method; nocase; content:`/Nfile.asp ...
#alert http $HOME NET any $EXTERNAL NET !$HTTP PORTS (msg:`ET TROJAN UPDATE Protocol Trojan Communication detected on non http ports`; flow:to server,established ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN UPDATE Protocol Trojan Communication detected on http ports`; flow:to server,established; content:`POST ...
#alert tcp $HOME NET any $EXTERNAL NET 80 (msg:`ET TROJAN QDIGIT Trojan Protocol detected`; flow:to server,established; content:` 51 31 39 21 00 `; depth:5; dsize ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN TSPY SPCESEND.A Checkin`; flow:established,to server; content:`POST`; nocase; http method; content: ...
#alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:`ET TROJAN Delf/Troxen/Zema controller delivering clickfraud instructions`; flow:established,to client; ...
#alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:`ET TROJAN Delf/Troxen/Zema controller responding to client`; flow:established,to client; content:` 0d 0a ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN TLD4 Purple Haze Variant Initial CnC Request for Ad Servers`; flow:established,to server; content:`trf ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Dapato/Cleaman Checkin`; flow:established,to server; content:`.php?rnd `; http uri; fast pattern; content ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN TROJAN ClickCounter Connectivity Check`; flow:established,to server; content:` clickme 1 0d 0a `; http ...
Number of topics: 50

Show recent changes with 50, 100, 200, 500, 1000 topics, all changes

Related topics: RSS feed, rounded corners RSS feed, ATOM feed, WebNotify, site changes, site map

Topic revision: r4 - 2006-11-15 - TWikiContributor
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats