Netskope Help

CTEP/IPS Threat Content Update Release 88.1.1.91

Refer to the following summary of signatures deployed with the IPS content release:

  • Total signatures: 20753

  • Signatures added: 06

  • Signatures removed: 13

  • Signature modified: 00

Signatures Added

SID

Description

Reference

57901

MALWARE-CNC Doc.Downloader.Emotet variant outbound connection attempt

http://attack.mitre.org/techniques/t1071

57890

OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt

CVE-2021-34449

57998

BROWSER-IE Microsoft Internet Explorer memory corruption attempt

CVE-2021-34480

57894

OS-WINDOWS Microsoft Windows Kernel privilege escalation attempt

CVE-2021-31979

57896

OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt

CVE-2021-33771

57893

MALWARE-CNC Win.Trojan.TrickBot outbound connection attempt

http://www.virustotal.com/gui/file/b33f1abe6c9011aa598fb679135f0b543be2cd4e1178cba8bcf70a5859cb2f5e/detection

Signatures Removed

SID

Description

Reference

6407

APP-DETECT Gizmo register VOIP state

http://www.gizmoproject.com/

140751

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140750

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140753

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140752

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140755

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140754

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140757

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140759

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140758

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140749

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140756

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

140760

MALWARE-CNC Cobalt Strike C2 Communication Detected

http://cobaltstrike.com/

To learn more, view IPS FAQ