Search

Description Name: CVE-2014-6271 - Shellshock SMTP Exploit . This is Trend Micro detection for SMTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...

Description Name: CVE-2014-6271 - Shellshock POP3 Exploit . This is Trend Micro detection for POP3 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...

Description Name: CVE-2014-6271 - Shellshock DHCP Exploit . This is Trend Micro detection for SMTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network beha...

* indicates a new version of an existing rule Deep Packet Inspection Rules: Oracle E-Business Suite Web Interface 1011516* - Oracle E-Business Suite Unauthorized Access Vulnerability (CVE-2022-21500)

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This

unauthorized use of the stolen data. Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain

This Ransomware encrypts files with specific file extensions. It encrypts files found in specific folders. It drops files as ransom note. Installation This Ransomware drops the following copies of

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It steals certain information from the system and/or

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is capable of encrypting files in the affected

the Threat Diagram shown below. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain

drives. It terminates itself after the encryption routine. It deletes itself after execution. Ransomware Routine This Ransomware avoids encrypting files with the following strings in their file name:

unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. It checks for the presence of the

unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. It checks for the presence of the

unauthorized use of the stolen data. Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain

account information, which may then lead to the unauthorized use of the stolen data. Arrival Details This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting

unauthorized use of the stolen data. Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain

unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. It attempts to get information from a