Search
Keyword: usoj_cve20175753.poe
* indicates a new version of an existing rule Deep Packet Inspection Rules: Microsoft Office 1009368 - Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8539) Web Client Common 1009366 -
* indicates a new version of an existing rule Deep Packet Inspection Rules: Java RMI 1009451* - Java Unserialize Remote Code Execution Vulnerability Over RMI Memcached 1009459 - Memcached
* indicates a new version of an existing rule Deep Packet Inspection Rules: Apache Solr RMI 1010116 - Apache Solr Remote Code Execution Vulnerability (CVE-2019-12409) DCERPC Services - Client 1010106
Microsoft addresses several vulnerabilities in its January security bulletin. Trend Micro Deep Security covers the following: CVE-2020-0609 - Windows Remote Desktop Gateway (RD Gateway) Remote Code
* indicates a new version of an existing rule Deep Packet Inspection Rules: Apache JServ Protocol 1010184 - Identified Apache JServ Protocol (AJP) Traffic Oracle E-Business Suite Web Interface
* indicates a new version of an existing rule Deep Packet Inspection Rules: IBM WebSphere Application Server 1009803 - IBM Websphere Application Server Remote Code Execution Vulnerability
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services - Client 1010201 - Microsoft Windows LNK Remote Code Execution Vulnerability Over SMB (CVE-2020-0729)
Microsoft addresses several vulnerabilities in its April security bulletin. Trend Micro Deep Security covers the following: CVE-2020-1020 - Adobe Font Manager Library Remote Code Execution
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110) GoCD Server 1011758 -
* indicates a new version of an existing rule Deep Packet Inspection Rules: Redis Server 1011812 - Redis Denial Of Service Vulnerability (CVE-2022-36021) Unix Samba 1011796* - Linux Kernel KSMBD
* indicates a new version of an existing rule Deep Packet Inspection Rules: GoCD Server 1011758* - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287) Parse Server 1011608* - Parse Server
* indicates a new version of an existing rule Deep Packet Inspection Rules: Atlassian Bitbucket 1011432* - Atlassian Bitbucket Data Center Server Java Deserialization Vulnerability (CVE-2022-26133)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services - Client 1011517 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1011037* - Identified Remote System Discovery Over SMB - 1 (ATT&CK T1018) 1011027* - Identified Session
* indicates a new version of an existing rule Deep Packet Inspection Rules: Directory Server LDAP 1011039 - Identified Domain Trust Discovery Request Over LDAP (ATT&CK T1482) Redis Server 1011555 -
* indicates a new version of an existing rule Deep Packet Inspection Rules: Redis Server 1011812 - Redis Denial Of Service Vulnerability (CVE-2022-36021) Unix Samba 1011796* - Linux Kernel KSMBD
* indicates a new version of an existing rule Deep Packet Inspection Rules: GoCD Server 1011758* - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287) Parse Server 1011608* - Parse Server
* indicates a new version of an existing rule Deep Packet Inspection Rules: Apache Nifi 1012122 - Apache NiFi Stored Cross-Site Scripting Vulnerability (CVE-2024-37389) DHCP Failover Protocol Server
* indicates a new version of an existing rule Deep Packet Inspection Rules: CyberPower PowerPanel Business 1012064 - CyberPower PowerPanel Business Directory Traversal Vulnerability (CVE-2024-33615)
Both malware are related to the modified Enfal variants, which were reported to have infected 874 systems in 33 countries. To get a one-glance comprehensive view of the behavior of this Trojan, refer