Keyword: bec_suspicious.ers
2853 Total Search   |   Showing Results : 701 - 720
  Previous   Next  
Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt
Apply associated Trend Micro DPI Rules. 1007969|
DDI-RULE-2240
Description Name: Possible CVE-2016-6662 - MySQL Remote Code Execution Exploit - Variant 2 . This is Trend Micro detection for MYSQL network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host ex...
DDI-RULE-2458
Description Name: COMMAND INJECTION IN URI - HTTP . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:Exces...
DDI-RULE-1152
Description Name: AGENT - HTTP (Request) - Variant 20 . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behav...
DDI-RULE-2613
Description Name: POWERSHELL Download - HTTP (Request) - Variant 2 .
DDI-RULE-169
Description Name: Meta tag redirecting to executable file - HTTP (Response) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicato...
DDI-RULE-2654
Description Name: Powershell - SMB .
DDI-RULE-2660
Description Name: ASP WebShell - HTTP (Request) .
DDI-RULE-2702
Description Name: Host Discovery - UDP (Request) .
DDI-RULE-2718
Description Name: S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request) .
DDI-RULE-2800
Description Name: Possible Scan of Outstation - DNP3 (Response) Beta .
DDI-RULE-2845
Description Name: Possible PDF in Chrome Information Disclosure - HTTP (Request) .
DDI-RULE-2244
Description Name: DEMO RULE - ICMP (Request) . This is Trend Micro detection for packets passing through ICMP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspi...
DDI-RULE-2508
Description Name: Unauthorized STARTDT IEC-104 Request .
DDI-RULE-2510
Description Name: Non-IEC-104 Communication Request .
DDI-RULE-2584
Description Name: POSGERAT Data Exfiltration - DNS (Response) . This is Trend Micro detection for packets passing through DNS network protocols that can be used as Data Exfiltration. This also indicates a malware infection. Below are some indicators ...
DDI-RULE-34
Description Name: Transmitted executable or script file - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of...
DDI-RULE-407
Description Name: GUMBLAR - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspici...
DDI-RULE-2672
Description Name: CKNIFE - HTTP (Request) .
DDI-RULE-2676
Description Name: PHP Webshell - HTTP (Request) - Variant 2 .