rule Update
20-014 (17 de marzo de 2020)
Publish date: 17 de marzo de 2020
Descripción
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1010192* - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
Trend Micro OfficeScan
1010181 - Trend Micro Apex One And OfficeScan Server Directory Traversal Vulnerability (CVE-2020-8599)
1010191 - Trend Micro Apex One And OfficeScan Server Migration Tool Remote Code Execution Vulnerability (CVE-2020-8467)
1010179 - Trend Micro Multiple Products Arbitrary File Delete Vulnerability (CVE-2020-8470)
1010202 - Trend Micro Worry-Free Business Security Directory Traversal Vulnerability (CVE-2020-8600)
Web Application Common
1010199 - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
Web Client Common
1010193 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13)
Web Server Common
1010082 - CMS Made Simple Authenticated RCE Via Object Injection Vulnerability (CVE-2019-9055)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1010192* - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
Trend Micro OfficeScan
1010181 - Trend Micro Apex One And OfficeScan Server Directory Traversal Vulnerability (CVE-2020-8599)
1010191 - Trend Micro Apex One And OfficeScan Server Migration Tool Remote Code Execution Vulnerability (CVE-2020-8467)
1010179 - Trend Micro Multiple Products Arbitrary File Delete Vulnerability (CVE-2020-8470)
1010202 - Trend Micro Worry-Free Business Security Directory Traversal Vulnerability (CVE-2020-8600)
Web Application Common
1010199 - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
Web Client Common
1010193 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13)
Web Server Common
1010082 - CMS Made Simple Authenticated RCE Via Object Injection Vulnerability (CVE-2019-9055)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog