Keyword: bec_suspicious.ers
Description Name: SYSTEM INFORMATION DISCOVERY - LDAP(REQUEST). This is a Trend Micro detection for packets passing through LDAP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual...
Description Name: URIVAR EXFILTRATION - HTTP(REQUEST). This is a Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior...
Description Name: Exfiltration SSH Private Key - HTTP (Response). This is a Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusu...
Description Name: Remote Service execution through SMB2 SVCCTL detected - Variant 3. This is a Trend Micro detection for packets passing through SMB2 network protocols that manifest unusual behavior which can be a potential intrusion. Below are some ...
stumbling upon bad links in search engines. 1. Do not click suspicious-looking URLs even if these appear as top search engine results. 2. Consider a link suspicious if any or some of its components (e.g., ://
Description Name: File was identified by Scan Engine and analyzed by Virtual Analyzer. This is the Trend Micro identification for suspicious files scanned by Scan Engine and assessed by Virtual Analyzer as risky.
aka "Backup Manager Insecure Library Loading Vulnerability." microsoft windows_vista Apply associated Trend Micro DPI Rules. 1005269| 1004566 - Identified Suspicious Microsoft DLL File Over Network
Description Name: HTA PowerShell Empire - HTTP (Request) - Variant 2. This is a Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A. The host exhibiting this type of network behavior is likely compr...
Description Name: Possible HTA PowerShell Empire (Request). This is a Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A. The host exhibiting this type of network behavior is likely compromised by ...
Description Name: Metasploit(Payload) - Possible Reverse TCP Certificate. This is a Trend Micro detection for packets passing through TCP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection...
This is a Trend Micro generic detection for files with structures that are considered unusual for normal files. If your Trend Micro product detects a file under this detection name, do not execute
Description Name: APT - SUSPICIOUS CGI DIRECTORY TRAVERSAL - HTTP (REQUEST). This is a Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry. The host exhibiting this type of network behav...
Description Name: Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 2. This is a Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting t...
Description Name: Unregistered mail server - Email. This is a Trend Micro detection for packets passing through SMTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Su...
Description Name: Archive file containing packed executable file - Email. This is a Trend Micro detection for packets passing through SMTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: Successful log on to MSSQL service. This is a Trend Micro detection for packets passing through MSSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Successful log on to MySQL service. This is a Trend Micro detection for packets passing through MYSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Unsuccessful log on to POSTGRES service - Username does not exist. This is a Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. B...
Description Name: Unsuccessful log on to POSTGRES service - Database does not exist. This is a Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. B...
Description Name: A privileged user attempted to log on to the POSTGRES service. This is a Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. Below...