Search

Description Name: Possible Malformed Heartbeat SSL Response - Class 1 . This is Trend Micro detection for TCP, SSL and HTTPS network protocol that manifests exploit activities and can be used for Intelligence Gathering.The host exhibiting this type o...

Description Name: Possible Malformed Heartbeat SSL Response - Class 2 . This is Trend Micro detection for TCP, SSL and HTTPS network protocol that manifests exploit activities and can be used for Intelligence Gathering.The host exhibiting this type o...

Description Name: Possible Vulnerable Channel - RDP (Request) . This is Trend Micro detection for RDP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is likely co...

Description Name: Possible IE Exploit - HTTP (Response) - Variant 6 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is li...

Description Name: Possible Vulnerable Channel - RDP (Request) - Variant 2 . This is Trend Micro detection for RDP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior ...

Description Name: FAKEAV - HTTP (Request) - Variant 16 . KATUSHA Trojans typically arrive via spammed email messages or as files downloaded unknowingly by users when visiting malicious sites. It is used to download and execute other malicious files. ...

Description Name: Possible IE Exploit - HTTP (Response) - Variant 5 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is li...

Description Name: CVE-2021-44790 - APACHE BUFFER OVERFLOW EXPLOIT - HTTP(REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting t...

arbitrary code: https://{BLOCKED}}4.rs Displays a PDF text annotation containing malicious code to execute a cross-site scripting (XSS) attack and execute arbitrary code. JS:CVE-2016-3198-A [Expl] (AVAST)

Recently, there has been a spike in incidents involving information-stealing malware, commonly known as info-stealers, which uses cloud sharing services to attack victims. Threat actors have been

instant-messaging (IM) applications: MSN Messenger Backdoor Routine This worm executes the following commands from a remote malicious user: Display advertisements Performs Slowloris, UDP and TCP Flooding method

MSN messenger Propagate via Removable drives Scan network for VNC Flooding (DDOS) Steal passwords and sensitive data saved by web browsers Download and execute arbitrary files Check malware version

messenger Propagate via Removable drives Scan network for VNC Flooding (DDOS) Steal passwords and sensitive data saved by web browsers Download and execute arbitrary files Check malware version Update itself

http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/125201023923.jpeg Background of the Attack TSPY_ZBOT is the Trend Micro detection for malware related to what the industry dubs "ZeuS botnets." ZeuS

user: Get system info Get CPU info Get network activity Execute Shell Perform DDOS Attack Kill self It connects to the following websites to send and receive information: {BLOCKED}.{BLOCKED}.108.2

CVE-2007-0271 Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04.

CVE-2005-3438 Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in

CVE-2006-5340 Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack

Description Name: SWEET ORANGE - Exploit kit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is likely c...

Description Name: CVE-2016-6662 - MySQL Remote Code Execution Exploit . This is Trend Micro detection for MYSQL network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of...