CTEP/IPS Threat Content Update Release Notes 96.1.1.221

Refer to the following summary of signatures deployed on 22nd July, 2022 with the IPS content release:

Total signatures: 21221
Signatures added: 74
Signatures modified: 17
Signatures removed: 04

Signatures Added

SID | Description | Reference |
---|---|---|
150169 | MALWARE-CNC Subtlelime.Generic.Beacon outgoing connection detected-5 | - |
150168 | MALWARE-CNC Subtlelime.Generic.Beacon outgoing connection detected-4 | - |
150167 | MALWARE-CNC Birdwatch.Generic connection detected-1 | - |
150166 | MALWARE-CNC Pyxie.Generic C2 traffic detected-1 | - |
150165 | MALWARE-CNC Brickhouse.Get.Generic traffic detected-1 | - |
150164 | MALWARE-CNC Emotet.Exfill C2 traffic detected | - |
150163 | MALWARE-CNC Emotet.Generic.DLL payload detected | - |
150162 | MALWARE-CNC Remcos.APT.bits traffic detected | - |
150161 | MALWARE-CNC Grimagent.Generic C2 traffic detected-3 | - |
150160 | MALWARE-CNC Newpass.Generic C2 traffic detected-1 | - |
150325 | MALWARE-CNC Command and Control BARTALEX instruction retrieval | - |
150324 | MALWARE-CNC Command and Control - AZORULT C2 communication variant1 | - |
150327 | MALWARE-CNC Command and Control - BEARHUT C2 beacon | - |
150326 | MALWARE-CNC Command and Control BARTALEX instruction retrieval | - |
150329 | MALWARE-CNC Command and Control - DOUBLEBACK variant 1 and 2 | - |
150328 | MALWARE-CNC Command and Control - AZORULT C2 communication variant 1 | - |
150308 | MALWARE-CNC Command and Control Banking Trojan Pinterest Checkin | - |
150259 | MALWARE-CNC Command and Control - APT41 DEADEYE C2 communication detected | - |
150258 | MALWARE-CNC Command and Control - APT41 MOPSLED POST check-in detected | - |
150255 | MALWARE-CNC Command and Control - GhostEmperor C2 communication detected | - |
150254 | MALWARE-CNC Command and Control - MIRAGE check-in detected | - |
150257 | MALWARE-CNC Command and Control - APT41 POISONPLUG C2 check-in detected | - |
150256 | MALWARE-CNC Command and Control - APT41 SOGU POST beacon variant 2 detected | - |
150251 | MALWARE-CNC Command and Control - EMOTET Malware C2 check-in variant 2 detected | - |
150250 | MALWARE-CNC Command and Control - IXESHEMECKLOW check-in detected | - |
150253 | MALWARE-CNC Command and Control - LITRECOLA check-in detected | - |
150252 | MALWARE-CNC Command and Control - FIN13 DRAWSTRING C2 communication detected | - |
150276 | MALWARE-CNC Command and Control - WSHRAT beacon variant 2 detected | - |
150275 | MALWARE-CNC Command and Control - TEMP.Armageddon Winter 2022 Bomb Threat Lure variant 4 detected | - |
150274 | MALWARE-CNC Command and Control - STILLBOT Hardcoded IP callout detected | - |
150273 | MALWARE-CNC Command and Control - NUGGETPHANTOM Post-exploitation traffic variant 3 detected | - |
150272 | MALWARE-CNC Command and Control - NUGGETPHANTOM Post-exploitation traffic variant 2 detected | - |
150270 | MALWARE-CNC Command and Control - APT34 TWOTONE check-in detected | - |
150156 | MALWARE-CNC Subtlelime.Generic.Beacon outgoing connection detected-1 | - |
150155 | MALWARE-CNC Birdwatch.Generic connection detected | - |
150152 | MALWARE-CNC Delimeat.Generic check-in traffic detected | - |
150158 | MALWARE-CNC Axeterror.Generic.Beacon outgoing connection detected-1 | - |
150159 | MALWARE-CNC Beacon.Dropper.Generic outgoing connection detected | - |
150271 | MALWARE-CNC Command and Control - NUGGETPHANTOM Post-exploitation traffic variant 1 detected | - |
150170 | MALWARE-CNC Beacon.Dropper.Generic outgoing connection detected-1 | - |
150171 | MALWARE-CNC Grimagent.Generic C2 traffic detected-4 | - |
150172 | MALWARE-CNC Remcos.APT.bits.Head traffic detected-1 | - |
150173 | MALWARE-CNC Remcos.APT.bits.Get traffic detected-1 | - |
150174 | MALWARE-CNC PowerShell Empire variant outbound connection | - |
150175 | MALWARE-CNC Uppercut.check-in C2 traffic detected-1 | - |
150332 | MALWARE-CNC Command and Control - DOUBLEDROP variant 1 | - |
150333 | MALWARE-CNC Command and Control - DOUBLEDROP variant 2 | - |
150330 | MALWARE-CNC Command and Control - DOUBLEBACK variant 3 and 4 | - |
150331 | MALWARE-CNC Command and Control - DOUBLEBACK variant 5 and 6 | - |
150336 | MALWARE-CNC Command and Control BEACON check-in | - |
150337 | MALWARE-CNC Command and Control - BAZARLOADER C2 traffic variant 3 | - |
150334 | MALWARE-CNC Command and Control - DOUBLEDROP variant 3 | - |
150335 | MALWARE-CNC Command and Control - Banking Trojan Pinterest check-in | - |
150338 | MALWARE-CNC Command and Control WINEKEY payload request | - |
150417 | MALWARE-CNC Emotet.Beacon C2 traffic detected-2 | - |
150416 | MALWARE-CNC Emotet.Beacon C2 traffic detected-1 | - |
150157 | MALWARE-CNC Subtlelime.Generic.Beacon outgoing connection detected-3 | - |
150154 | POLICY-OTHER Netskope test string upload test | - |
150268 | MALWARE-CNC Command and Control - APT28 LITTLENAME C2 communication detected | - |
150269 | MALWARE-CNC Command and Control - APT28 LITTLENAME C2 communication detected | - |
150260 | MALWARE-CNC Command and Control - APT41 BEACON C2 check-in detected | - |
150261 | MALWARE-CNC Command and Control - APT29 BEACON Dropper C2 communication variant 1 detected | - |
150262 | MALWARE-CNC Command and Control - APT28 SOFACY Janes Campaign February 2018 detected | - |
150263 | MALWARE-CNC Command and Control - ABCBOT C2 communication variant 1 detected | - |
150264 | MALWARE-CNC Command and Control - ABCBOT beacon detected | - |
150265 | MALWARE-CNC Command and Control - TEMP.Hermit ONESTEP check-in detected | - |
150266 | MALWARE-CNC Command and Control - KEGTAP update payload request detected | - |
150267 | MALWARE-CNC Command and Control - KEGTAP Second Stage payload request detected | - |
150413 | MALWARE-CNC Spicytuna.Generic.Post traffic detected | - |
150414 | MALWARE-CNC Temp.Armageddon.APT 2020 Campaign traffic detected-1 | - |
150141 | MALWARE-CNC Clubhouse.Generic C2 beacon detected | - |
150415 | MALWARE-CNC Emotet.Generic.Encrypted check-in traffic detected | - |
150419 | MALWARE-CNC Zerot.Generic C2 beacon detected | - |
150418 | MALWARE-CNS Emotet.Generic C2 check-in traffic detected | - |