Netskope Help

CTEP/IPS Threat Content Update Release Notes 96.1.1.211

Refer to the following summary of signatures deployed with the IPS content release:

  • Total signatures: 21151

  • Signatures added: 20

  • Signatures modified: 00

  • Signatures removed: 02

Signatures Added

SID | Description | Reference
60213 | OS-WINDOWS Microsoft Windows CSRS subsystem elevation of privilege attempt | CVE-2022-22047
150153 | POLICY-OTHER Netskope test string download | -
60192 | OS-WINDOWS Microsoft Windows storage elevation of privilege attempt | CVE-2022-30220
60199 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt | CVE-2022-30202
150150 | MALWARE-CNC Sakula.Generic suspicious traffic detected | -
60207 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt | CVE-2022-22034
150151 | MALWARE-CNC Sakula.Generic suspicious traffic detected | -
150248 | MALWARE-CNC Command and Control - BACKSPACE C2 Communication Variant3 detected | -
150249 | MALWARE-CNC Command and Control - BACKSPACE C2 Communication Variant2 detected | -
150246 | MALWARE-CNC Command and Control - CRYPTOWALL Beacon detected | -
150247 | MALWARE-CNC Command and Control - ENCRYPTORRAAS C2 Check-in detected | -
150244 | MALWARE-CNC Command and Control - NANOCORE C2 Traffic Variant5 detected | -
150245 | MALWARE-CNC Command and Control - LOKIBOT C2 Communication Variant5 detected | -
150144 | MALWARE-CNC Birdpen.Generic C2 traffic detected | -
150146 | MALWARE-CNC Tofsee.Gen suspicious traffic detected | -
150145 | MALWARE-CNC Trevor.Generic C2 traffic detected | -
150147 | MALWARE-CNC Phisery.Isotope.Generic suspicious traffic detected | -
150143 | MALWARE-CNC Superglue.Generic C2 Beacon traffic detected | -
150149 | MALWARE-CNC Smokeloader.Generic suspicious traffic detected | -
150148 | MALWARE-CNC Sourcandle.Generic suspicious traffic detected | -