Search
Keyword: arp flooding attack
Description Name: CVE-2014-6271 - SHELLSHOCK DNS Exploit . This is Trend Micro detection for DNS network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network behavi...
Description Name: CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting thi...
Description Name: CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Moveme...
Description Name: Port Scan - TCP . An attacker may use one or a few hosts to scan multiple ports on a single target host.This detection is only for a single host and common TCP ports.This is Trend Micro detection for packets passing through TCP netw...
Description Name: Many unsuccessful logon attempts . This is Trend Micro detection for packets passing through any network protocols that manifests Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Unauthorized Read MODBUS Request . This is Trend Micro detection for packets passing through MODBUS-TCP and PROTOCOL_42 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: Suspicious file in SMB network share identified by file reputation database . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests unusual behavior which can be a potential intrusio...
Description Name: File name with multiple consecutive spaces and executable extension . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are ...
Description Name: Unsuccessful log on to MSSQL service . This is Trend Micro detection for packets passing through MSSQL network protocols that manifests Database Access activities which can be a potential intrusion. Below are some indicators of unus...
Description Name: SMB or SMB2 PE file Upload to non-administrative share folder detected . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests unusual behavior which can be a potential intrusion. Be...
Description Name: Unauthorized Write MODBUS Request . This is Trend Micro detection for packets passing through MODBUS-TCP and PROTOCOL_42 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators...
Description Name: CVE-2014-6271 - SHELLSHOCK VoIP SIP Exploit . This is Trend Micro detection for SIP2 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network ...
Description Name: Suspicious file in E-mail identified by file reputation database . This is Trend Micro detection for packets passing through SMTP, POP3 and IMAP4 network protocols that manifests unusual behavior which can be a potential intrusion. ...
Description Name: Possible CVE-2015-0240 - NULL Session in ServerPasswordSet . This is Trend Micro detection for packets passing through SMB network protocols that manifests Exploit activities which can be a potential intrusion. Below are some indica...
Description Name: Unauthorized Other MODBUS Request . This is Trend Micro detection for packets passing through MODBUS-TCP and PROTOCOL_42 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators...
Description Name: Unsuccessful log on to POSTGRES service - Database does not exist . This is Trend Micro detection for packets passing through POSTGRES network protocols that manifests Database Access activities which can be a potential intrusion. B...
Description Name: SQL Dump File Upload . This is Trend Micro detection for packets passing through various network protocols that manifests Suspicious File Upload activities which can be a potential intrusion. Below are some indicators of unusual beh...
Description Name: Executable file - Email . This is Trend Micro detection for packets passing through SMTP, POP3 and IMAP4 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: CVE-2014-6271 - Shellshock SMTP Exploit . This is Trend Micro detection for SMTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...
Description Name: CVE-2014-6271 - Shellshock POP3 Exploit . This is Trend Micro detection for POP3 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...