Skip to main content

Netskope Help

IPS Threat Content Update Release Notes 23.125.17

Refer to the following summary of signatures deployed on 27th June, 2023 with the IPS content release:

  • Total signatures: 18248

  • Signatures added: 12

  • Signatures modified: 14

  • Signatures removed: 5

Signatures Added

SID

Description

Reference

150621

MALWARE-CNC Sliver.C2.Session Start traffic detected

No Reference

150624

MALWARE-CNC Sliver.C2.File traffic detected

No Reference

150626

MALWARE-CNC Sliver.C2.Generic traffic detected

No Reference

61904

MALWARE-CNC Win.Trojan.Gozi malicious file download

www.virustotal.com/gui/file/d67275e2cd7f5764d1d7fe088fa1683bc9aa873447e82d02fc2c6da2e11f01bc

61902

MALWARE-CNC Win.Trojan.Redline malicious file download

www.virustotal.com/gui/file/666e5755e21665e8fd2a26425563d05f1cbd0a5024ad763c71e6d62e68cac438

61948

MALWARE-OTHER Win.Trojan.Barys file download attempt

No Reference

150622

MALWARE-CNC Sliver.C2.Session Message traffic detected

No Reference

150623

MALWARE-CNC Sliver.C2.Poll traffic detected

No Reference

61906

FILE-OTHER Microsoft Visual Studio Python Interpreter Services remote code execution attempt

CVE-2021-27068

61950

MALWARE-OTHER Win.Trojan.Barys file download attempt

No Reference

61916

OS-WINDOWS Microsoft Windows TPM device driver elevation of privilege attempt

CVE-2023-29360

61914

MALWARE-TOOLS Win.Proxy.frp download attempt

github.com/fatedier/frp

Signatures Removed

Removed the following signatures due to False Positives (FP):

  • 41457

  • 18357

  • 39603

  • 39601

  • 61455