CTEP/IPS Threat Content Update Release Notes 96.1.1.211

Refer to the following summary of signatures deployed on 13th July, 2022 with the IPS content release:

  • Signatures added: 20
  • Signatures modified: 00
  • Signatures removed: 02

Signatures Added

| SID | Description | Reference |
|-----|-------------|-----------|
| 60213 | OS-WINDOWS Microsoft Windows CSRS subsystem elevation of privilege attempt | CVE-2022-22047 |
| 150153 | POLICY-OTHER Netskope test string download | |
| 60192 | OS-WINDOWS Microsoft Windows storage elevation of privilege attempt | CVE-2022-30220 |
| 60199 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt | CVE-2022-30202 |
| 150150 | MALWARE-CNC Sakula.Generic suspicious traffic detected | |
| 60207 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt | CVE-2022-22034 |
| 150151 | MALWARE-CNC Sakula.Generic suspicious traffic detected | |
| 150248 | MALWARE-CNC Command and Control – BACKSPACE C2 Communication Variant3 detected | |
| 150249 | MALWARE-CNC Command and Control – BACKSPACE C2 Communication Variant2 detected | |
| 150246 | MALWARE-CNC Command and Control – CRYPTOWALL Beacon detected | |
| 150247 | MALWARE-CNC Command and Control – ENCRYPTORRAAS C2 Check-in detected | |
| 150244 | MALWARE-CNC Command and Control – NANOCORE C2 Traffic Variant5 detected | |
| 150245 | MALWARE-CNC Command and Control – LOKIBOT C2 Communication Variant5 detected | |
| 150144 | MALWARE-CNC Birdpen.Generic C2 traffic detected | |
| 150146 | MALWARE-CNC Tofsee.Gen suspicious traffic detected | |
| 150145 | MALWARE-CNC Trevor.Generic C2 traffic detected | |
| 150147 | MALWARE-CNC Phisery.Isotope.Generic suspicious traffic detected | |
| 150143 | MALWARE-CNC Superglue.Generic C2 Beacon traffic detected | |
| 150149 | MALWARE-CNC Smokeloader.Generic suspicious traffic detected | |
| 150148 | MALWARE-CNC Sourcandle.Generic suspicious traffic detected | |