Search
Keyword: JS_EXPLOIT
the filter number and filter name when applying appropriate DPI and/or IDF rules. 1000140| 1000140 - Oracle Database Server XML Database Component Buffer Overflow Exploit (shell)
CVE-2012-4969 A remote code execution vulnerability in Internet Explorer versions 6, 7, 8, and 9 is being used in some targeted attacks. Visiting a website or webpage where the exploit is hosted may
Description Name: FLASH EXPLOIT - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:Excess...
Description Name: Command Execution - SMB (Request) . This is Trend Micro detection for packets passing through SMB network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Below are some indi...
Description Name: FALLOUT - Exploit Kit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compromised by ma...
Description Name: EXAMINE Buffer Overflow - IMAP4 (Request) . This is Trend Micro detection for IMAP4 network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is likely co...
Description Name: ZOLLARD Command Execution - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Below are...
Description Name: NUUO Command Injection - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compromised by m...
Description Name: UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely co...
Description Name: DIRECTORY TRAVERSAL on Unknown Protocol . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Below are som...
Description Name: Remote PHP-CGI Command Execution - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Be...
Description Name: YERSINIA - ICMP (Request) . This is Trend Micro detection for ICMP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compromised by malware, or bei...
Description Name: CRAM-MD5 Authentication Buffer Overflow - IMAP4 (Request) . This is the Trend Micro detection for malicious IMAP4 network packet that manifest any of the following actions:ExploitThis attack is used for Point of Entry
Description Name: Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhi...
This Trojan may be hosted on a website and run when a user accesses the said website. It requires its main component to successfully perform its intended routine. Arrival Details This Trojan may be
This Trojan may be hosted on a website and run when a user accesses the said website. It requires its main component to successfully perform its intended routine. It takes advantage of certain
This is the detection for the second stage malware related to the new Java zero-day exploit which was used in the targeted attack campaign, Operation Pawn Storm. In the second stage of the attack, it
This is the detection for the third stage malware related to the new Java zero-day exploit that was used in the targeted attack campaign, Operation Pawn Storm. In the first stage of the infection
component bundled with malware/grayware packages. Other Details This Trojan requires its main component to successfully perform its intended routine. It is a zero-day exploit for the following vulnerability:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are