Search
Keyword: bec_suspicious.ers
Description Name: Certificate fields with missing or useless data - SSL . This is Trend Micro detection for packets passing through HTTPS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: Incorrect Content-Type value in header - HTTP (Response) - Variant 2 . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are...
Description Name: Shodan Internet Scan - Possible Exposed Device/Service . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators o...
Description Name: Suspicious Executable File Download - HTTP (Response) .
Description Name: LizaMoon - Compromised site with malicious URL . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusu...
Description Name: Certificate fields with missing or useless data - SSL - Variant 5 . This is Trend Micro detection for packets passing through HTTPS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some...
Description Name: Successful log on to MSSQL service . This is Trend Micro detection for packets passing through MSSQL network protocols that manifests Database Access activities which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Successful log on to Oracle service . This is Trend Micro detection for packets passing through ORACLE network protocols that manifests Database Access activities which can be a potential intrusion. Below are some indicators of unus...
Description Name: Remote Service execution through SMB ATSVC detected . This is Trend Micro detection for packets passing through SMB network protocols that manifests Login Attempt actions which can be a potential intrusion. Below are some indicators...
Description Name: Downloaded executable file - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual ...
Description Name: File Download From known CNC Server detected . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual...
Description Name: Host DNS query to a non-trusted DNS server . This is the Trend Micro detection for malicious N/A network packet
Description Name: APT - Suspicious Cgi - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network behavi...
Description Name: CHOPPER - HTTP (REQUEST) - Variant 2 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some ...
Description Name: Suspicious File Upload - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...
Description Name: Hotmail cross-site scripting exploit - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Exploit activities which can be a potential intrusion. Below are some indicators...
Description Name: Suspicious packed executable file . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavio...
Description Name: Certificate fields with missing or useless data - SSL - Variant 8 . This is Trend Micro detection for packets passing through HTTPS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some...
Description Name: Archive file containing packed executable file - Email . This is Trend Micro detection for packets passing through SMTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: A privileged user attempted to log on to MSSQL service . This is Trend Micro detection for packets passing through MSSQL network protocols that manifests Database Access activities which can be a potential intrusion. Below are some ...