악성코드 Networks

주간 탐지 룰(YARA, Snort) 정보 – 2024년 11월 1주차

  • 11월 06 2024
주간 탐지 룰(YARA, Snort) 정보 – 2024년 11월 1주차

AhnLab TIP 서비스에서 수집한, 공개된 YARA, Snort룰(2024년 11월 1주) 정보입니다.

  • 0 YARA Rules
  • 12 Snort Rules
탐지명 설명 출처
ET WEB_SPECIFIC_APPS PFsense Stored Cross-Site Scripting (CVE-2024-46538) PFsense Stored 크로스 사이트 스크립팅(CVE-2024-46538) 취약점 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET ATTACK_RESPONSE Observed ClickFix Powershell Delivery Page (Portuguese) ClickFix Powershell 전달 페이지 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET ATTACK_RESPONSE Observed ClickFix Powershell Delivery Page Inbound ClickFix Powershell 전달 페이지 유입 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET WEB_SPECIFIC_APPS IBM Aspera Faspex Pre-Auth RCE Attempt (CVE-2022-47986) IBM Aspera Faspex Pre-Auth 원격 코드 실행 시도(CVE-2022-47986) 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET WEB_SPECIFIC_APPS Ivanti Cloud Service Appliance Authenticated Command Injection (CVE-2024-9380) Ivanti Cloud Service Appliance 커맨드 인젝션 (CVE-2024-9380) 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET MOBILE_MALWARE Android/TrickMo.Banker POST Request TrickMo.Banker Post 요청 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET MOBILE_MALWARE Android/TrickMo.Banker GET Config Request TrickMo.Banker Get config 요청 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET MOBILE_MALWARE Android/TrickMo.Banker Config Response TrickMo.Banker Config 응답 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET WEB_SPECIFIC_APPS Cyberpanel upgrademysqlstatus Command Injection Attempt (CVE-2024-51567) Cyberpanel upgrademysqlstatus 커맨드 인젝션 시도(CVE-2024-51567) 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET TROJAN Observed UAC-0050 CnC Activity UAC-0050 C2 연결 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET TROJAN Win32/BlackShadow Activity (GET) M1 BackShadow C2 연결 패킷 탐지 https://rules.emergingthreatspro.com/open/
ET CURRENT_EVENTS BlackShadow Raphael Company Impersonation Form Submission BackShadow Raphael Company 위장 Form 전송 패킷 탐지 https://rules.emergingthreatspro.com/open/

2024-11_ASEC_Notes_1_snort.rules
Previous Post

Next Post