CTEP/IPS Threat Content Update Release Notes

CTEP/IPS Threat Content Update Release Notes

Refer to the following summary of signatures deployed on 19th September, 2022 with the IPS content release:

  • Signatures added : 16
  • Signatures modified: 0
  • Signatures removed: 418
Signatures Added
60547OS-WINDOWS Microsoft Windows privilege escalation attemptCVE-2022-37957
60550OS-WINDOWS Microsoft Windows GDI elevation of privilege attemptCVE-2022-34729
60552OS-WINDOWS DirectX Graphics kernel use after free attemptCVE-2022-37954
60554OS-WINDOWS ALPC Port Object elevation of privilege attemptCVE-2022-34725
60556OS-WINDOWS Windows Common Log File System driver escalation of privileges attemptCVE-2022-35803
150181MALWARE-CNC EK.Kaixin.Traffic Redirect detectedNo reference
150183MALWARE-CNC EK.Scanbox.PSI Traffic detectedNo reference
150182MALWARE-CNC EK.Nuclear.Swf Traffic detectedNo reference
150184MALWARE-CNC EK.Sbelevo.Maze Traffic detectedNo reference
150277MALWARE-CNC A100-858 Exploit Kit Activity – HUNTER Landing PageNo reference
150279MALWARE-CNC A100-852 Exploit Kit Activity – HUNTER CVE-2013-2419 JRE ExploitNo reference
150278MALWARE-CNC A100-856 Exploit Kit Activity – HUNTER CVE-2015-5119 Adobe Flash PlayerNo reference
150177MALWARE-CNC EK.Sedkit Traffic detectedNo reference
150179MALWARE-CNC EK.APT33.Ruler Homepage detectedNo reference
150280MALWARE-CNC A100-805 Exploit Kit Activity – GREENFLASH SUNDOWN Exploit Kit HERMES DownloadNo reference
150281MALWARE-CNC A100-804 Exploit Kit Activity – GREENFLASH SUNDOWN Exploit Kit CVE-2018-4878 Flash ExploitNo reference
Signatures Removed

The following Signatures were removed due to False Positives (FP’s):

  • 16236
  • 15877
  • 13474
  • 41144
  • 47064
  • 13514
  • 60183
  • 59892
  • 50456
  • 149188
Share this Doc
In this topic ...