50 Recent Changes in Main Web retrieved at 07:26 (GMT)

#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible IE 0day CVE 2013 3918 4`; flow:established,from server; file data; content:`19916E01 B44E ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible IE 0day CVE 2013 3918 3`; flow:established,from server; file data; content:`19916E01 B44E ...
alert tls $EXTERNAL NET 443 $HOME NET any (msg:`ET INFO Self Signed Cert O XX Observed`; flow:established,to client; tls cert subject; content:`O XX`; fast pattern ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible IE 0day CVE 2013 3918 2`; flow:established,from server; file data; content:`InformationCardSigninHelper ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible IE 0day CVE 2013 3918 1`; flow:established,from server; file data; content:`19916E01 B44E ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible Java CVE 2013 2465 Based on PoC`; flow:established,from server; flowbits:isset,ET.http.javaclient ...
alert tls $EXTERNAL NET 443,4443 $HOME NET any (msg:`ET TROJAN Possible Dyre SSL Cert (fake state)`; flow:established,from server; content:` 16 `; content:` 0b ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET CURRENT EVENTS DRIVEBY Goon/Infinity EK Landing Mar 31 2014`; flow:established,to client; file data; content ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Microsoft IE Memory Corruption Inbound (CVE 2013 3893)`; flow:established,to client; file data; ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Microsoft IE Memory Corruption Inbound (CVE 2013 3893)`; flow:established,to client; file data; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET TROJAN Possible Win32/Hupigon ip.txt with a Non Mozilla UA`; flow:established,to server; content:`/ip.txt`; ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET INFO Invalid User Agent MSIE 9 on Windows NT 5`; flow:established,to server; content:` MSIE 9.0 3b Windows ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET USER AGENTS Suspicious User Agent (adlib)`; flow:established,to server; content:`adlib/`; http user agent; depth ...
alert http $HOME NET any $EXTERNAL NET any (msg:`ET USER AGENTS Suspicious User Agent Mozilla/3.0`; flow:established,to server; content:`Mozilla/3.0`; fast pattern ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET TROJAN Infostealer.Banprox Proxy.pac Download`; flow:from server,established; content:!`ztunnelversion 3a 20 ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Microsoft Internet Explorer Use After Free (CVE 2013 3163)`; flow:established,from server; file ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Potential Internet Explorer Use After Free (CVE 2013 3163)`; flow:established,from server; file ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED CVE 2013 1331 Microsoft Office PNG Exploit plugin detect script access`; flow:established,to client ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Flash Action Script Invalid Regex (CVE 2013 0634)`; flow:established,to client; file data; flowbits ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Flash Action Script Invalid Regex (CVE 2013 0634)`; flow:established,to client; file data; flowbits ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Exploit Specific Uncompressed Flash Inside of OLE (CVE 2013 0634)`; flow:established,to client; ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Exploit Specific Uncompressed Flash (CVE 2013 0634)`; flow:established,to client; flowbits:isset ...
#alert tcp $EXTERNAL NET any $HOME NET any (msg:`ET DOS Miniupnpd SoapAction MethodName Buffer Overflow (CVE 2013 0230)`; flow:to server,established; content:`POST ...
#alert udp any any $HOME NET 1900 (msg:`ET DOS Miniupnpd M SEARCH Buffer Overflow (CVE 2013 0229)`; content:`M SEARCH`; depth:8; isdataat:1492,relative; content ...
#alert udp $EXTERNAL NET any $HOME NET 1900 (msg:`ET DOS LibuPnP ST UDN Buffer Overflow (CVE 2012 5963)`; content:` 0D 0A ST 3A `; nocase; pcre:`/^ ^\r\n uuid ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED MetaSploit CVE 2012 1723 Class File (seen in live EKs)`; flow:established,from server; flowbits:isset ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED MetaSploit CVE 2012 1723 Class File (seen in live EKs)`; flow:established,from server; flowbits:isset ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET EXPLOIT Metasploit Landing Page (CVE 2013 0422)`; flow:established,from server; file data; content:`Loading ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET EXPLOIT EIP in URI M1 (CVE 2012 4792)`; flow:established,to server; content:`/B4%8C88%92`; http raw uri; fast ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET ATTACK RESPONSE Obfuscated JS URL Encoded Unescape Function Call Inbound`; flow:established,from server; file ...
alert http $EXTERNAL NET any $HOME NET any (msg:`ET ATTACK RESPONSE Obfuscated JS Possible URL Encoded JS Inbound`; flow:established,from server; file data; content ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Possible exploitation of CVE 2012 5076 by an exploit kit Nov 13 2012`; flow:from server,established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Metasploit CVE 2012 1723 Attacker.class (Seen in Unknown EK) 11/01/12`; flow:to client,established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Adobe Flash Vuln (CVE 2012 1535 Uncompressed) Exploit Specific`; flow:from server,established; flowbits ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Adobe Flash Vuln (CVE 2012 1535 Uncompressed) Exploit Specific`; flow:from server,established; flowbits ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Internet Explorer execCommand function Use after free Vulnerability (CVE 2012 4969)`; flow:established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Internet Explorer execCommand function Use after free Vulnerability 0day`; flow:established,to client ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Potential MSXML2.DOMDocument ActiveXObject Uninitialized Memory Corruption Attempt`; flow:to client ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Potential MSXML2.DOMDocument.4 6.0 Uninitialized Memory Corruption (CVE 2012 1889)`; flow:to client ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Potential DOM Document.3.0 Uninitialized Memory Corruption Attempt (CVE 2012 1889)`; flow:established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Potential MSXML2.DOMDocument Uninitialized Memory Corruption (CVE 2012 1889)`; flow:to client,established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Microsoft Internet Explorer SameID Use After Free (CVE 2012 1875)`; flow:established,from server ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT MP4 Embedded in PDF File Potential Flash Exploit (CVE 2012 0754)`; flow:established,to client ...
#alert http $EXTERNAL NET any $HTTP SERVERS any (msg:`ET WEB SPECIFIC APPS phpMyAdmin setup.php Remote File inclusion Attempt (CVE 2010 3055)`; flow:established ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET EXPLOIT Java Atomic Reference Exploit Attempt Metasploit Specific (CVE 2012 0507)`; flow:established,from server ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Adobe Flash Player Malformed MP4 Remote Code Execution Attempt (CVE 2012 0754)`; flow:established ...
#alert http $HOME NET any $EXTERNAL NET any (msg:`ET POLICY SSL MiTM Vulnerable iOS 4.x CDMA iPhone device (CVE 2011 0228)`; flow:established,to server; content ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET WEB CLIENT Microsoft Word RTF pFragments Stack Overflow Attempt (CVE 2010 3333)`; flowbits:isset,OLE.CompoundFile ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Microsoft Internet Explorer Time Element Uninitialized Memory Remote Code Execution Attempt`; flow ...
#alert http $EXTERNAL NET any $HOME NET any (msg:`ET DELETED Known in Wild Microsoft Internet Explorer Time Element Uninitialized Memory Remote Code Execution Attempt ...
Number of topics: 50

Show recent changes with 50, 100, 200, 500, 1000 topics, all changes

Related topics: RSS feed, rounded corners RSS feed, ATOM feed, WebNotify, site changes, site map

Topic revision: r4 - 2006-11-15 - TWikiContributor
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats