CTEP/IPS Threat Content Update Release Notes 88.1.1.91
CTEP/IPS Threat Content Update Release Notes 88.1.1.91
Refer to the following summary of signatures deployed with the IPS content release:
- Total signatures: 20753
- Signatures added: 06
- Signatures removed: 13
- Signature modified: 00
Signatures Added
SID | Description | Reference |
---|---|---|
57901 | MALWARE-CNC Doc.Downloader.Emotet variant outbound connectionattempt | http://attack.mitre.org/techniques/t1071 |
57890 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt | CVE-2021-34449 |
57998 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt | CVE-2021-34480 |
57894 | OS-WINDOWS Microsoft Windows Kernel privilege escalation attempt | CVE-2021-31979 |
57896 | OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt | CVE-2021-33771 |
57893 | MALWARE-CNC Win.Trojan.TrickBot outbound connection attempt | http://www.virustotal.com/gui/file/b33f1abe6c9011aa598fb679135f0b543be2cd4e1178cba8bcf70a5859cb2f5e/detection |
Signatures Removed
SID | Description | Reference |
---|---|---|
6407 | APP-DETECT Gizmo register VOIP state | http://www.gizmoproject.com/ |
140751 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140750 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140753 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140752 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140755 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140754 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140757 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140759 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140758 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140749 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140756 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |
140760 | MALWARE-CNC Cobalt Strike C2 Communication Detected | http://cobaltstrike.com/ |