Summary
ThreatDV - Malware Filter Package #1729 September 22, 2020
Details
Thank you for subscribing to Threat Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the malware filter set through the SMS client. Go to Profiles > Auxiliary DVs > Download to detect and load the latest update.

System Requirements
The malware filter package requires TOS v3.7.0, NGFW v1.1.1, TPS v4.0.0, vTPS v4.0.1 or later. This filter package is supported only on the N and NX Platform IPS, NGFW, TPS and vTPS systems licensed for the ThreatDV (formerly ReputationDV) service.

The Malware Filter Package can also be manually downloaded from the following URL: https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=malware&contentId=Malware_3.7.0_1729.pkg
Update Details
Table of Contents
--------------------------
Filters
New Filters - 7
Modified Filters (logic changes) - 0
Modified Filters (metadata changes only) - 0
Removed Filters - 0
Filters
----------------
New Filters:
38183: HTTP: Trojan.MSIL.Geprovisot.A Runtime Detection
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: High
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38184: HTTP: Anttispi Webshell Traffic Detected
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: Critical
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38185: HTTP: Etaukey Webshell Traffic Detected
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: Critical
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38186: HTTP: Ptrpmpx Webshell Traffic Detected (Authentication and File Delete Operations)
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: Critical
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38187: HTTP: Ptrpmpx Webshell Traffic Detected (File Upload and Shell CMD Execution Operations)
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: Critical
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38188: HTTP: MuddyWater Download Request
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: Critical
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

38194: SMTP: Trojan.Win32.RingwavLogger.A Runtime Detection
  - IPS Version: 3.7.0 and after.
  - NGFW Version: 1.1.1 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Category: Virus
  - Severity: High
  - Description: This filter is deployed in the Malware Filter Package.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Performance-Optimized (Disabled)
  - Release Date: September 22, 2020

Modified Filters (logic changes):
None

Modified Filters (metadata changes only):
None

Removed Filters:
None