CTEP/IPS Threat Content Update Release Notes 87.0.1.78

CTEP/IPS Threat Content Update Release Notes 87.0.1.78

Refer to the following summary of signatures deployed with the IPS content release:

  • Total signatures: 20677
  • Signatures added: 05
  • Signatures removed: 00
  • Signature modified: 03

Signatures Added

SIDDescriptionReference
57901MALWARE-CNC Doc.Downloader.Emotet variant outbound connectionattempthttp://www.virusto tal.com/#/file/2cb81a1a59df4a4fd2 22fbcb946db3d653185c2e79cf4d 3365b430b1988d485f/detection
57893MALWARE-CNC Win.Trojan.TrickBot outbound connection attempthttp://www.virusto tal.com/gui/file/b33f1abe6c9011aa 598fb679135f0b543be2cd4e1178c ba8bcf70a5859cb2f5e/detection
57896OS-WINDOWS Microsoft Windows kernel elevation of privilege attemptCVE-2021-33771
57894OS-WINDOWS Microsoft Windows Kernel privilege escalation attemptCVE-2021-31979
57890OS-WINDOWS Microsoft Windows Win32k privilege escalation attemptCVE-2021-34449

Signatures Modified

SIDDescriptionReference
42749BROWSER-IE Microsoft Edge scripting engine postMessage use after free attemptCVE-2018-0872
57197SERVER-OTHER Multiple products outbound HTTP request to SIP portand potential NAT slipstreaming attack attempthttp://github.com/ samyk/slipstream
57199SERVER-OTHER Multiple products outbound HTTP request to SIP portand potential NAT slipstreaming attack attempthttp://github.com/ samyk/slipstream
Share this Doc

CTEP/IPS Threat Content Update Release Notes 87.0.1.78

Or copy link

In this topic ...