Netskope Help

CTEP/IPS Threat Content Update Release : 87.0.1.78

Refer to the following summary of signatures deployed with the IPS content release:

  • Total signatures: 20677

  • Signatures added: 05

  • Signatures removed: 00

  • Signature modified: 03

Signatures Added

SID

Description

Reference

57901

MALWARE-CNC Doc.Downloader.Emotet variant outbound connection attempt

http://www.virusto tal.com/#/file/2cb 81a1a59df4a4fd2 22fbcb946db3d6 53185c2e79cf4d 3365b430b1988d 485f/detection

57893

MALWARE-CNC Win.Trojan.TrickBot outbound connection attempt

http://www.virusto tal.com/gui/file/b3 3f1abe6c9011aa 598fb679135f0b5 43be2cd4e1178c ba8bcf70a5859c b2f5e/detection

57896

OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt

CVE-2021-33771

57894

OS-WINDOWS Microsoft Windows Kernel privilege escalation attempt

CVE-2021-31979

57890

OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt

CVE-2021-34449

Signatures Modified

SID

Description

Reference

42749

BROWSER-IE Microsoft Edge scripting engine postMessage use after free attempt

CVE-2018-0872

57197

SERVER-OTHER Multiple products outbound HTTP request to SIP port and potential NAT slipstreaming attack attempt

http://github.com/ samyk/slipstream

57199

SERVER-OTHER Multiple products outbound HTTP request to SIP port and potential NAT slipstreaming attack attempt

http://github.com/ samyk/slipstream

To learn more, view IPS FAQ