New Filters:
44187: TCP: Worm.Linux.CatDDoS.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2017-17215, CVE-2023-46604
- Release Date: April 30, 2024
44188: HTTP: Trojan-Downloader.VBS.Pteroodonoff.DRFZBV Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44189: HTTP: Trojan.MSIL.Leomen.00CCB8F9 Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44200: SMB: Trojan.MSIL.SamecoinSpreader.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44204: SMTP: Trojan.Python.Atzstealer.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44205: HTTP: Trojan.MSIL.SharpilRAT.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44206: TCP: Trojan.Win32.ZusyLogger.A Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44207: TCP: Backdoor.Win64.TinyNuke.R03BC0DDB24 Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- Release Date: April 30, 2024
44210: HTTP: Backdoor.Linux.LineDancer.A Runtime Detection (POST Ingress)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Virus
- Severity: High
- Description: This filter is deployed in the Malware Filter Package.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-20353, CVE-2024-20359
- Release Date: April 30, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
27839: TCP: Trojan.Win32.Alreay.E Runtime Detection (Request Commands)
- IPS Version: 3.7.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "27839: TCP: BKDR_FIMLIS.A (Alreay.E) Checkin".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 18, 2017
- Last Modified Date: April 30, 2024
* 28617: TCP: Backdoor.Win64.Meterpreter.X Payload Detection
- IPS Version: 3.7.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "28617: TCP: Meterpreter Payload".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 04, 2017
- Last Modified Date: April 30, 2024
* 41186: TCP: Trojan.MSIL.Bobik.JFC Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: April 19, 2022
- Last Modified Date: April 30, 2024
* 43498: SMB: Ransomware.Win64.Megazord.SMTHIBHBC Runtime Detection
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: November 21, 2023
- Last Modified Date: April 30, 2024
Modified Filters (metadata changes only): None
Removed Filters:
34282: TCP: Trojan.Win32.Alreay.E Runtime Detection
- IPS Version: 3.7.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Release Date: February 13, 2019
- Last Modified Date: October 25, 2022
|
Views:
Keywords: ThreatDV - Malware Filter Package #1978