New Filters:
44001: HTTP: Worm.Linux.Bulusbot.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2014-8361
- Release Date: March 19, 2024
44002: SMTP: Ransomware.Python.CrackerLocker.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block + Notify + Trace)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44003: HTTP: Trojan.MacOS.RustDoorStealer.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44004: HTTP: Trojan.MSIL.RotbotLoader.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44012: HTTP: Backdoor.Win32.DarkGate.B Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-21412
- Release Date: March 19, 2024
44014: TCP: Trojan.Python.SocGhoProxy.A Runtime Detection (IPv4 Command Type)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44015: TCP: Trojan.Python.SocGhoProxy.A Runtime Detection (Domain Command Type)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44016: HTTP: Trojan-Downloader.Win32.Nightdoor.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44017: TCP: Trojan.Python.Lockscrblue.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44018: HTTP: Trojan-Downloader.Shell.Erenecodio.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44019: HTTP: Trojan.Python.BlackCapGrabber.cf655e5b Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
44021: HTTP: Trojan.Win32.Chavecloak.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: March 19, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
* 33613: HTTP: Backdoor.Win32.DarkGate.A Runtime Detection
- IPS Version: 3.7.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33613: HTTP: DarkGate Checkin Request".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 27, 2018
- Last Modified Date: March 19, 2024
* 43149: SMB: Backdoor.Win32.CobaltStrikeSMBBeacon.R423938 Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: August 22, 2023
- Last Modified Date: March 19, 2024
Modified Filters (metadata changes only): None
Removed Filters: None
|
Views:
Keywords: ThreatDV - Malware Filter Package #1971