Keyword: bec_suspicious.ers
Description Name: Many unsuccessful logon attempts. This is Trend Micro detection for packets passing through any network protocols that manifest Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Unsuccessful logon to Kerberos. This is Trend Micro detection for packets passing through KERBEROS network protocols that manifest Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual b...
Description Name: Possible Command Execution - HTTP (Response). This is Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual...
Description Name: Suspicious LNK file transfer detected. This is Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavi...
Description Name: Remote Clear Event through SMB2 Protocol Detected. This is Trend Micro detection for packets passing through SMB network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unu...
Description Name: Suspicious script file extension. This is Trend Micro detection for packets passing through File Transfer, FTP and TFTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators...
Description Name: PAEXEC - SMB2 (REQUEST).
Description Name: Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 3. This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting t...
Description Name: LizaMoon - Compromised site with malicious URL. This is Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusu...
Description Name: Unsuccessful log on to MSSQL service. This is Trend Micro detection for packets passing through MSSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unus...
Description Name: Unsuccessful log on to MySQL service. This is Trend Micro detection for packets passing through MYSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unus...
Description Name: A privileged user attempted to log on to the Oracle service. This is Trend Micro detection for packets passing through ORACLE network protocols that manifest Database Access activities which can be a potential intrusion. Below are...
Description Name: Remote Write Registry through SMB protocol detected. This is Trend Micro detection for packets passing through SMB network protocols that manifest Login Attempt actions which can be a potential intrusion. Below are some indicators...
Description Name: Shodan Internet Scan - Malware Hunter C&C Server Scan. This is Trend Micro detection for packets passing through any network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of...
Description Name: Possible PsExec PETYA - Ransomware - SMB. This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unu...
Description Name: Coinhive JavaScript Miner - HTTPS (Request).
Description Name: Powershell script requested from root directory - HTTP (Request). Related Malware: coinmine behavior
Description Name: Unregistered service running on non-standard port. This is Trend Micro detection for packets passing through SMTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of un...
Micro DPI Rules. 1005934| 1005934 - Identified Suspicious Command Injection Attack