50 Recent Changes in Main Web retrieved at 07:26 (GMT)

#alert tcp any any $HOME NET 445 (msg:`ET DELETED PTsecurity DoublePulsar Backdoor installation communication`; flow: to server, established; content: ` FF SMB2 ...
alert udp $HOME NET any any 53 (msg:`ET TROJAN DNS Query For TURNEDUP.Backdoor CnC (googlmail)`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; ...
alert tls $EXTERNAL NET any $HOME NET any (msg:`ET CURRENT EVENTS Lets Encrypt Free SSL Cert Observed in Possible Coinhive Javascript Cryptocurrency Mining`; flow ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN MSIL/CoalaBot CnC Activity`; flow:established,to server; content:`POST`; http method; content:`.php ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN HTTP Andromeda File Request`; flow:established,to server; content:`myguy`; http uri; fast pattern:only ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Observed GET Request to Jaff Domain (orhangazitur . com)`; flow:to server,established; content:`GET` ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MOBILE MALWARE Trojan Banker.AndroidOS.RedAlert CnC Beacon`; flow:to server,established; content:`POST`; http ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET INFO Suspicious Darkwave Popads Pop Under Redirect`; flow:established,to client; file data; content:` 2f 2a ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET INFO Adilbo HTML Encoder Observed`; flow:established,to client; file data; content:` 2f 2a 20 61 64 69 6c 62 ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Win32/Scarsi Variant CnC Activity`; flow:to server,established; content:`/WP`; http uri; content:`.php ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Trojan.Kwampirs Outbound GET request`; flow:to server,established; content:`GET`; nocase; http method ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE PTsecurity SearchGo (start page)`; flow:established,to server; urilen: 100; content:`/07%2746%d3 ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET MALWARE PTsecurity WebToolbar.Win32.Searchbar.k HTTP JSON Artifact`; flow:established,to client; content: ...
alert http $HTTP SERVERS any $EXTERNAL NET any (msg:`ET WEB SERVER OptionsBleed (CVE 2017 9798)`; flow:from server; content:`Allow 3a 20 `; http header; pcre:` ...
#alert http $EXTERNAL NET any $HTTP SERVERS any (msg:`ET WEB SERVER Possible OptionsBleed (CVE 2017 9798)`; flow:established,to server; content:`OPTIONS`; http ...
#alert tcp $EXTERNAL NET :32768 $HOME NET any (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu Certificate flowbit set 1`; flow:established, to client; content ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Malicious Adware Chrome Extension Detected (2)`; flow:to server,established; content:`/?keyword `; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Malicious Adware Chrome Extension Detected (1)`; flow:to server,established; content:`/hostedsearch ...
alert udp $HOME NET any any 53 (msg:`ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (opurie)`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset ...
alert udp $HOME NET any any 53 (msg:`ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (go.querymo)`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10 ...
alert udp $HOME NET any any 53 (msg:`ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (search.feedvertizus)`; content:` 01 00 00 01 00 00 00 00 00 00 ...
alert udp $HOME NET any any 53 (msg:`ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (startupfraction)`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Adware/FakeAV.Kraddare Checkin UA`; flow:established,to server; content:`pcsetup `; http header; pcre ...
alert tcp $HOME NET any $EXTERNAL NET 5217 (msg:`ET MALWARE W32/SmartPops Adware Outbound Off Port MSSQL Communication`; flow:established,to server; content:`S ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE UBar Trojan/Adware Checkin 3`; flow:established,to server; content:`size.php?`; http uri; content:`file ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE UBar Trojan/Adware Checkin 2`; flow:established,to server; content:`inst.php?`; http uri; content:`pcode ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE UBar Trojan/Adware Checkin 1`; flow:established,to server; content:`?gname `; http uri; content:` pid ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Known Malicious User Agent (x) Win32/Tracur.A or OneStep Adware Related`; flow:to server,established ...
alert tcp $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Adware.Kraddare Checkin`; flow:established,to server; content:`.php?`; http uri; content:`strID `; http ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET MALWARE Downloader Checkin Downloads Rogue Adware `; flow:established,to server; content:`GET`; nocase; http ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:`ET MALWARE AdWare.Win32.Yokbar User Agent Detected (YOK Agent)`; flow:established,to server; content:`User ...
alert tls $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN Observed Malicious SSL Cert (MalDoc DL)`; flow:established,from server; content:` 55 04 03 `; content ...
alert tcp $EXTERNAL NET :32768 $HOME NET any (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu`; flow:established, to client; content:` 17 03 `; depth:2; content ...
#alert tcp $EXTERNAL NET :32768 $HOME NET any (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu pkt Checker flowbit set 5`; flow:established,to client; content ...
#alert tcp $HOME NET any $EXTERNAL NET :32768 (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu pkt Checker flowbit set 4`; flow:established,to server; content ...
#alert tcp $EXTERNAL NET :32768 $HOME NET any (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu pkt Checker flowbit set 3`; flow:established,to client; content ...
#alert tcp $HOME NET any $EXTERNAL NET :32768 (msg:`ET TROJAN PTsecurity Backdoor.Java.Adwind.cu pkt Checker flowbit set 2`; flow:established, to server; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 16`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 15`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 14`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 13`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 12`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 11`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
alert udp $HOME NET any any 53 (msg:`ET MOBILE MALWARE Android/Bankbot.HHtr DNS Lookup 10`; content:` 01 00 00 01 00 00 00 00 00 00 `; depth:10; offset:2; content ...
Number of topics: 50


Topic revision: r4 - 2006-11-15 - TWikiContributor
 
This site is powered by the TWiki collaboration platform. Copyright © Emerging Threats